Understanding Data Link Layer switches

2Comments

more +

By Guest Contributor
March 1, 2001, 8:00am PST
There's a lot of Cisco material these days buzzing about multilayer
switches and the benefits they can afford the internetwork. But if
you're working in a production network or studying for your Cisco
exams, what you really need is to be armed with a good grasp of
exactly what a Layer 2 switch is and how a switch works within an
internetwork.

In my last Daily Drill Down, you learned about the OSI model and
how Cisco creates networks based on it. Cisco switches are
primarily sold as Layer 2 (Data Link) devices. This should tell you
that these switches perform their filtering and segmenting tasks
using only the hardware (MAC) address of a given device.
By default, Layer 2 switches break up collision domains but not
broadcast domains. You canpurchase optional cards from Cisco that
increase the switches functionality into the routing arena, thereby
allowing them to also break up broadcast domains. But I'm not
going there in this Daily Drill Down. First things, first. For now, we're
only going to look into how Cisco switches are used in an
internetwork at Layer 2.
Layer 2 switching
As I said, Layer 2 switching is hardware-based, meaning it uses the
Media Access Control (MAC) address from the host's network
interface cards (NICs) to filter the network. Cisco switches use
application-specific integrated circuits (ASICs) within their switches
to build and maintain filter tables. Since all network segments aren't
concerned with the same types of data, it's quite advantageous in
terms of efficiency to be able to "shelter" various segments from
having certain types of data unnecessarily traversing them. And
switch filter tables do exactly thatthey exist to prevent unwanted or
unneeded traffic from traversing certain network segments.

ure A

For a switch to provide this type of segmentation on the network, it

creates something called a collision domain. Let's talk about
collision domains in more detail.
Collision domains
A collision domain is defined as a network segment that shares
bandwidth with all other devices on the same network segment.
When two hosts on the same network segment transmit at the same
time, the resulting digital signals will fragment or collide, hence the
term collision domain. It's important to know that a collision domain
is found only in an Ethernet half-duplex network. Since most of
today's LANs use some type of Ethernet network, collision domains
are likely to be an important part of your network design.
Hubs
Historically, hubs have created collision domains. Hubs are really
multiple port repeaters. It works like this: A repeater receives a
digital signal, reamplifies or regenerates that signal, and then
forwards it out all active ports without looking at any data.
An active hub provides the same function as a repeater but with
more ports. In Figure A, you can see that when a digital signal is
sent from host A, that signal is regenerated or reamplified and
transmitted out all active ports on the hub.

s hub is connected to four PCs.

Hubs, like repeaters, don't examine any traffic as the signal enters a
port or as it is transmitted onward to other network segments. Hubs
create a physical star network topology where the hub is a central
device and cables radiate outward from it in all directions (creating a
visual "star" effect). But Ethernet networks use a logical bus
topology instead. What's a logical bus topology? Well, buses run
from one end of a route to the other end, stopping at all bus stops
along their given routes, right? It's the same concept that gives
logical bus topology its namethe signal has to run from end to end
on the network, and every device connected to the hub, or hubs,
must listen if a device transmits.
If two devices on this network send a digital signal simultaneously, a

ure B

collision occurs. When that happens, a jam signal is sent from the
transmitting devices telling the rest of the devices on the network not
to transmit. All devices then start a back-off algorithm clock. This is
set to a predetermined amount of time, plus a random number, so
that no two devices will begin transmitting again at the same time
(we hope).
Layer 2 switches
Since building our networks on hope is not a good idea, switches
were developed to address the hub-related hope issue existing in an
Ethernet network. The greatest benefit gained by using switches
instead of hubs is that each switch port is its own collision domain.
Remember? Switches can provide this cool feature because they
segment your network by MAC (hardware) address. But also recall
that switches do not break up broadcast domains, meaning that if a
device sends a broadcast, all devices connected to that switch must
listen.
Another benefit of using switches instead of hubs in your network is
shown in Figure B.

co switches forward broadcast addresses by default.

Figure B demonstrates how a switch sends a signal only to the

destination device on a network by using a MAC address filter table.
Notice that the other devices connected to the switch aren't
receiving the frame. This keeps unneeded or unwanted traffic from
using bandwidth on any segment other than the segment where the
actual destination device is located.
Broadcast domains
All devices plugged into a hub are in the same collision
domain and the same broadcast domain. All devices plugged into a
switch are in separate collision domains but the same broadcast
domain.
A broadcast domain is defined as all devices on a network segment
that hear broadcasts sent on that segment. Figure C shows a host
sending a broadcast and how it's sent to all devices.

ure C

broadcast is propagated to all switch ports.

When host A sends a broadcast, the frame is sent out to all ports
except the one the frame was originally received on.
To break up broadcast domains, we've traditionally used routers. In
many ways, you can think of a router as a Layer 3 switch because
packets received on an interface are switched to an exit port
specified by routing table entries. Presently, more and more devices
are being designed and built as multilayer switches, which gives us
a bunch of functions all in one box.
Layer 2 switching in an internetwork
Layer 2 switching is efficient because there's no modification to the
data packet; if the frame is going from one Ethernet segment to

another Ethernet segment on the same switch, the frame is

forwarded without any modification at all. Only the hardware
address is read in the frame to determine the destination segment.
That's all that is necessary because the frame is forwarded only to
the segment the destination host is located on.
Layer 2 switching is used for workgroup connectivity and network
segmentation (breaking up collision domains), which give you the
capability to do two things: create a flatter network design, and one
that avails more network segments than traditional 10Base-T shared
networks did. This enhanced capacity has helped spawn new
players in the network infrastructure, such as server farms and
intranets.
Server farms
Servers are no longer distributed to various physical locations
because virtual LANs can be created to create broadcast domains
in a switched internetwork. This means that all servers can be
placed in a central location, yet a certain server can still be part of a
workgroup in a remote branch.
Virtual LANs are a way to break up broadcast domains in a Layer 2
switched network.
Intranets
These allow for organization-wide client/server communications
based on a Web technology.

These new technologies are allowing more data to flow off of local
subnets and onto a routed network. Therefore, this is where a
router's performance, or lack thereof, can produce the bane of many
a networkthe bottleneck.
Cisco Catalyst switches
Here's some information on Cisco switches and what is
available today. This information changes almost every month
(seriously), so either check out Cisco's Web site or a reseller for
the most current information.
Closet switches
Cisco calls this layer the access layer, as this is the point where
users gain access to the internetwork. The switches that Cisco
recommends at this layer are listed below:

1900/2800 provides switched 10Mbps to the desktop

or to 10Base-T hubs in small to medium campus networks.

2900 provides 10/100Mbps switched access for up to

50 users and gigabit speeds for servers and uplinks.

4000 provides a 10/100/1000Mbps advanced highperformance enterprise solution for up to 96 users and up
to 36 Gigabit Ethernet ports for servers.

5000/5500 is used in large campuses to provide

access for more than 250 users. The Catalyst 5000 series
supports 10/100/1000Mbps Ethernet switching.
Aggregation point switches
Cisco calls this layer the distribution layer, and its main purpose is to
connect the access layer closet switches to the internetwork. The
Cisco switches recommended at this layer are:

2926GA robust switch that uses an external router

processor like a 4000 or 7000 series router.

5000/5500The most effective distribution layer

switch, it can support a large amount of connections and
also an internal route processor module called a Route
Switch Module (RSM).

6000The Catalyst 6000 can provide up to 384

10/100 Ethernet connections, 192 100FX Fast Ethernet
connections, and 130 Gigabit Ethernet ports.
Backbone switches
Cisco calls these switches the core layer switches. The following
switches are recommended by Cisco for use in the core:

5000/5500The 5000 is a great distribution layer

switch, and the 5500 is a great core layer switch. The

Catalyst 5000 series of switches includes the 5000, 5002,

5500, 5505, and 5509.

6500The Catalyst 6500 series switches are designed

to address the need for gigabit port density, high
availability, and multilayer switching for the core layer
backbone and server-aggregation environments.

8500The Cisco Catalyst 8500 is a core layer switch

that provides high-performance switching. The Catalyst
8500 uses application-specific integrated circuits (ASICs) to
provide multiple-layer protocol support, including Internet
Protocol (IP), IP multicast, bridging, Asynchronous Transfer
Mode (ATM) switching, and CiscoAssure policy-enabled
Quality of Service (QoS).
Conclusion
Cisco switches are not the best-designed switches in the world, and
most network managers know this. However, we still buy Cisco
switches because Cisco has the best tech support system available
compared to any other network company.
Layer 2 switches are very popular because you can just replace
hubs in an internetwork and your network is better without any
configuration. By adding VLANs and other optional routing cards,
you can also break up broadcast domains and make your network
even better. If you don't know what youre doing, however, and dont

understand the difference between a Layer 2 and a Layer 3 device,

you can make your network worse!
This Daily Drill Down gives you basic background on why you would
use Layer 2 switches in your internetwork. My next Daily Drill Down
will focus on Layer 3 devices and how to use routers in your
internetwork.
The authors and editors have taken care in preparation of the
content contained herein but make no expressed or implied
warranty of any kind and assume no responsibility for errors or
omissions. No liability is assumed for any damages. Always have a
verified backup before making any changes.