What's the difference between a bridge and a switch?

Question

I can't find any authoritative source that can concisely explain the difference between a bridge and a switch. As far as I can tell, most devices commonly referred to as "switches" fit the description of "bridge" as defined by the IEEE 802.1D standard. While it may be the case that a device can be both a bridge and a switch (perhaps "switch" is a subset of "bridge"?), I can only find "hand-wavy" explanations of the difference. The most commonly cited differences I have come across boil down to one of these two:

Switches have many ports, bridges only have two (or some other small number)
Switches perform forwarding in hardware, while bridges perform it in software

I'm unsatisfied with these answers because:

The IEEE standards clearly don't state or assume that bridges will have only two ports. If anything, the assumption is that there will be many more than two ports. So this explanation is simply absurd. (Even Cisco attempts to pass this off as one of the differences).
The IEEE standards seem to define "bridge" by what it does, not by how it does it. There's nothing in the standard that I could find that says bridging must or should be done in software. So a bridge that forwards in hardware would still be a bridge as far as the standard is concerned.

In fact, when I searched the IEEE 802.1D standard, there was no mention of the word "switch" at all. So "bridge" seems to be the technically correct term. However, since the word "switch" seems to be more commonly used (by far) I can't help but wonder if there is some actual differentiating factor. Or is this just a case of different words being used to describe the same thing?

References to sources would be especially appreciated.

EDIT: I should add that I am fully aware of the fact that bridges are not the same thing as repeaters.

@Rex: What would a pure bridge lack, that a switch would have? — Dan Moulding, Oct 26 '09 at 02:49
@Rex: I don't think that's the case. For example, there are modules for Cisco catalyst *switches* that allow them to convert from Ethernet to frame relay and back. This protocol conversion function would more aptly be termed a "gateway" than a "bridge", I would think. The aforementioned Cisco modules would allow a Catalyst switch to perform gateway functions, but it's still a *switch*. But what about it makes it a switch rather than a bridge? — Dan Moulding, Oct 26 '09 at 10:13

score 8 · Accepted Answer · edited Jan 14 '13 at 18:52

The IEEE standards clearly don't state or assume that bridges will have only two ports. If anything, the assumption is that there will be many more than two ports.

You are correct. Actually, you can see a bridge with three ports in IEEE 802.1D standard. ( See Figure 7-1—A Bridged Local Area Network ).

Okay, I found this article: "The 10 Most Important Products of the Decade":

It sheds some light on the origin of the term "switch" and some quick quotes from the article will clarify several important points which cause endless confusion...

Why EtherSwitch and not EtherBridge? Two reasons: First, bridging was a bad word in the industry, one to be avoided by any good marketer. Second, Kalpana's product didn't meet IEEE specifications for a bridge, so rather than fight, the company switched.

Switching was just a fancy name for bridging, and that was a 1980s technology--or so the thinking went.

A few jots in its legendary checkbook brought Cisco from switching sideliner to switching headliner, and one of the company's key acquisitions was Kalpana.

Indeed. The RSTP section is specifically what I had in mind when I made this claim. There are other examples in that section, as well. For instance, figure 17-7 shows two bridges, each with eight ports. — Dan Moulding, Oct 26 '09 at 10:20

chris · Answer 2 · 2009-10-27T13:18:14.017

An ethernet switch is a multiport ethernet bridge. A bridge is a device that splits collision domains but not broadcast domains. A switch is simply a bridge with lots of ports. Other examples of bridges are wireless access points and dual speed hubs. I don't think implementation (store&forward vs fast forwarding, software vs hardware, 2 ports vs many ports etc) makes it difference in kind, only a difference in degree (ie faster bridge or more ports on a bridge, etc).

Ethernet was originally an "everyone sees all traffic" protocol. That's how traffic management happened -- if someone else is using the network, you wait until they're not; if two people try to use the network at the same time, both wait a random amount of time before attempting to use the network again. This was a "collision domain" or what people now call a "broadcast domain" because everything is switched and there are no more collisions (two simultaneous initiators of traffic).

A bridge, in this context, only forwards traffic to stations on the other side of the bridge if it has learned that that station is on the other side of the bridge. If it hasn't seen the target MAC, it will send it over the bridge (flooding) or if it is a broadcast / multicast, it will also send it over the bridge.

In ethernet, it is useful to remember how the technology was invented and deployed. First came shared media such as 10base5 and 10base2, both of which are coaxial cables that physically carry all traffic to all stations as an RF signal. Because vampire taps on 10base5 connections were expensive, people also used AUI repeaters that acted somewhat like hubs, but weren't. None of this equipment had any memory at all; the traffic went through or it didn't (and if it didn't the sender was expected to retransmit).

Only much later did people start using twisted pair and deploying ethernet 10baseT hubs. A common topology was to use 10base5 as a building backbone and 10baseT to some locations, and connect different 10base5 backbone networks to each other using bridges or repeaters, depending on the traffic patterns and local budgets.

Best answer. I pulled an entire campus wide coax network (praise those screw on BNC connectors) 5 years before we started calling it 'twisted pair', while still oblivious to just how crucial the staggering of spacing between each pair's twist really was. I was going to answer until I saw this. I still have my trusty terminator in my tool box :) — Tim Post, Oct 26 '09 at 17:33
I still remember my first datacom class that tried to explain ethernet. "Its like a school hallway, people keep poking their heads out the door saying 'I'm going to talk now' .. if no one down the hall said 'shut up' .. you get to talk". This is how people in their 30's and 40's get categorized as dinosaurs. — Tim Post, Oct 26 '09 at 17:41
This is a great history lesson, but it doesn't address the question much. You say that bridges do not isolate broadcast domains. Does that imply that switches *do*? As far as I know, they don't (only routers or gateways are commonly used for that, AFAIK). — Dan Moulding, Oct 27 '09 at 01:15
You're looking for a distinction without a difference. The defining characteristic of a bridge is that isolates collision domains but not broadcast domains. This happens to be what a switch does as well, but across many network segments instead of just two. — chris, Oct 27 '09 at 02:10
It's well established that bridges aren't restricted to two network segments. This has been discussed here already. — Dan Moulding, Oct 27 '09 at 14:15
Since this is the only correct answer, it should've been the accepted one. — Ward - Reinstate Monica, Nov 20 '09 at 03:16
@Ward: Not only is this not the *only* correct answer, it's not even correct, really. If you think it is, then you need to re-read the accepted answer, or google for what Radia Perlman (of spanning tree fame) has to say about the topic of "bridge" vs. "switch". — Dan Moulding, Dec 06 '09 at 06:49

score 4 · Answer 3 · answered Oct 26 '09 at 01:28

4

I don't see any specific reason for confusion here - the standards refer to bridging and they define how bridging works, switches are generally just fast multi-port bridges - both are L2 devices that extend broadcast domains but limit collision domains. Cisco have a pretty good document on their view of the differences here.

answered Oct 26 '09 at 01:28

Helvick

19,579
4
37
55

This is just same article I linked to from my question. Cisco's explanation is patently absurd because 802.1D clearly doesn't limit bridges to two ports or two segments. – Dan Moulding Oct 26 '09 at 01:36
Moreover, your answer doesn't point out a real difference. Clearly the relevant standards allow for bridges of different speeds. Not to mention that a "fast" switch today will be a slow switch ten years from now. Does that mean that it will turn into a bridge? :P – Dan Moulding Oct 26 '09 at 01:51
2

Oops - my bad. I still don't see any absurdity, but if your point is that Switch is an undefined term then fair enough. "Switch" as a term doesn't have a formal IEEE definition, its a loosely defined commercial term used by manufacturers to label fast multi-port bridges (and routers on occasion). The standard doesn't need to care as it defines the Layer 2 behaviour, but the vendors do. – Helvick Oct 26 '09 at 01:53
1

I like that explanation (that "switch" is merely a commercial term, with no universally agreed upon technical definition). But it makes one wonder why the vendors (as Cisco does in that article) attempt to draw a technical difference when there is none? – Dan Moulding Oct 26 '09 at 01:57
I am starting to believe the marketing/commercial buzz term origin on this. It makes sense that a bridge would be called a bridge when it only had 2 ports. But as muliport bridges came available the term bridge probably sounded too linear/unidirectional. I don't know too many bridges over water that go any where but from on side to the other. – ITGuy24 Oct 27 '09 at 13:40

score 2 · Answer 4 · answered Aug 02 '12 at 06:25

"Bridge" has a clear definition given by the standards, it is more a concept than an object, a bridge is "something that acts in a certain way" and the way is defined by the standard; no matter how many ports it has, if it does it in hardware or software, etc.

At the time networks where mostly "one collision domain per LAN" (think of the coax ethernet or of a network of machines attached to an hub) some industry did put on the market "an object which contained a bridge with as any ports as the number of physical interfaces it had", for an analogy with the telco terminology where this resembled much the behavior of a "telephone switchboard", and to distinguish it on the market from the existing habit to "put a bridge with two/few ports between two/few hubs" (which was very common at the time to split the collision domain in parts) ... they called it "switch".

Note that the term "switch" is commercial, it does not have a standard or formal definition. Note also how nowadays in a world with dot1q tagging, port aggregations, "layer 3 switches" (which are nothing else than "routers with many interfaces in marketing terminolgy :)"), etc ... what we call a "switch" can actually contain in formal network design terms several bridges, one or more routers, some hub, various hosts and other stuff; all packaged in a dedicated device.

A.

hallidave · Answer 5 · 2009-10-26T18:48:42.363

2

For Ethernet, the term "switch" is a marketing term used to distinguish the hardware from a "hub". A switch provides dedicated bandwidth per port whereas the hub shares bandwidth among the ports. The term "switch" also usually implies that forwarding of known MAC addresses is done in hardware.

Bridging is a function that may be implemented by a switch. Back in the bad old days there used to be separate software-centric boxes called "bridges" but that function has pretty much been taken up by Layer 2 switches. In fact, with 802.1q there can now be multiple bridges in a single switch.

There is a pretty good explanation of how the terms got munged together here:

http://en.wikipedia.org/wiki/Network_bridge#Bridge_versus_Layer_2_switch

edited Oct 26 '09 at 18:48

answered Oct 26 '09 at 02:36

hallidave

291
2
4

2

The problem with this explanation is that a "switch" without bridge functionality would do... what? Nothing of any general use as far as I can tell, if it doesn't perform the function of a bridge. So this notion that switches have "taken up" the functionality formerly performed by bridges seems hokey at best. The hardware vs software thing only really means that switches are fast bridges. This would be a qualitative, non-technical, and subjective distinction. I'm looking for something concrete. Incidentally, "bridge" could also distinguish from "hub". – Dan Moulding Oct 26 '09 at 02:47
1

So I finally dragged out my copy of "Interconnections, Second Edition" - a classic book on networking. In Chapter 5, Perlman covers the switch versus bridge topic in detail. To quote: "Unfortunately, people coined the word switch assuming they were inventing a new concept, somehow different from a bridge or a router....One cynical (and ungrammatical) definition I use for switch is 'a marketing term that means fast.'" – hallidave Oct 26 '09 at 18:46
That's a great find. Ms. Perlman is definitely highly regarded in this area and would qualify as an authoritative source, in my book. Thanks for finding that. So far, this seems to be the best explanation. But I'll wait and see if anyone else can come up with any different convincing answers. – Dan Moulding Oct 26 '09 at 20:36

score 1 · Answer 6 · answered Oct 26 '09 at 13:42

Bridge historically meant a device that forwarded packets between two types of media. Your typical wireless AP with built in ethernet port(s) would be the best example of that. Both the wireless and the wired side would be in the same broadcast and collision domain. There's no inspection, filtering, etc going on, just whatever shows up on one port goes to some other ports.

Switch is a bunch of ports of (usually) the same type. As far as hubs are concerned, I like the old name of 'repeaters' as they repeat a packet incoming on one port to all other ports on the hub. There's no media changing here, just simple repeating. The only difference between switches and hubs is that switches are more intelligent; they 'learn' MAC addresses answering on a particular port, so when a new packet comes in for that MAC addr, the packet gets forwarded there, and only there. A switch would blindly blast the packet to every other port on the hub. This is beneficial for both security and performance.

Then there's 'Layer 3 switches.' So far bridges, hubs, and regular switches were all Layer 2, but these guys are more intelligent yet. They actually inspect the IP headers (thus Layer 3), and can make decisions based on the information found in the IP headers. This is how all the routing, ACL's, and some simple filtering can be done at the switch level without needing a packet filtering firewall or a router.

So as you can see, theory is one thing, and what the products end up doing can be quite different, and make it difficult to keep track of all the little nuances.

An actual bridge (not a repeater) separates physical network segments from each other such that each segment's collision domain is independent from the others. In a wireless AP, the wireless segment's collision domain is not shared with the wired side. Also, the most common use of bridges is for connecting segments of the same MAC type (e.g. many ethernet segments) for extending network beyond their segment length limits, and for introducing such things as RSTP and VLANs. What you are describing (in your AP example) would actually be a repeater (aka a hub). — Dan Moulding, Oct 27 '09 at 01:11

ITGuy24 · Answer 7 · 2009-10-27T13:24:39.923

1

Bridges were historically used to reduce the size of collision domain created by hubs, when people still used hubs that is.

Switches were just the next step which eliminated the collision domain completely.

The main differences in my opinion is bridges were not used for direct client access, a bridge would connect to hubs. Hubs provided direct client access.

edited Oct 27 '09 at 13:24

answered Oct 26 '09 at 19:52

ITGuy24

1,576
1
15
29

Interesting answer. It sounds like you're saying that a switch is a bridge that only allows the attachment of one station to a segment (thereby eliminating collisions). While the technical definition of bridge doesn't specify this, it may very well be that this was a major distinguishing factor between the first "switches" and their bridge brethren. – Dan Moulding Oct 27 '09 at 01:22
I guess my main point was that bridges were used at the distribution layer of a network and not the access layer. At the time access layer connectivity was provided by hubs. Where as switches span both layers. – ITGuy24 Oct 27 '09 at 13:31

sybreon · Answer 8 · 2009-10-26T01:06:30.157

0

This is my opinion. It is not about the number of ports. It is not about doing it in hardware/software. It is about which layer is being handled and what protocols. A bridge generally works at L2 and converts (bridges) between disparate protocols. A switch generally works at L2 and moves (switches) packets around for networks of the same protocol. For more info, read these articles.

edited Oct 26 '09 at 01:06

answered Oct 26 '09 at 01:00

sybreon

7,357
1
19
19

1

The problem with this notion is that Ethernet bridges bridge Ethernet *only*. They don't convert between different protocols. – Dan Moulding Oct 26 '09 at 01:04

What's the difference between a bridge and a switch?

8 Answers8

Linked