Multiple switches - how does it work?

14

1

I was reading about networking hardware some time ago and came across an explanation on how network switches work - basically, it said that a switch keeps an internal database of what MAC address is connected to each port, and when it receives a packet, it will look up the destination MAC in its database and forward the packet to the correct port.

That got me wondering - what happens if you have switches connected to switches, like this:

Computer A
    |
 Switch 1
    |
 Switch 2
    |
Computer B

Part of my home network is set up like this, so clearly it still works somehow. But if Computer A wants to send a packet to Computer B, how does Switch 1 know to forward the packet to Switch 2? Since Switch 1 is not directly connected to Computer B, how can it have the MAC address of Computer B in its database, if Switch 2 doesn't provide Switch 1 with that information?

tlng05

Posted 2014-11-30T22:02:48.817

Reputation: 699

1Assuming an Ethernet frame going from Computer A to Computer B, both Switch 1 and Switch 2 will eventually have a CAM table entry for Computer B's MAC address. The switch doesn't care what's really on the other side of it, just what MAC address it's Ethernet frames come back as. – LawrenceC – 2014-11-30T23:44:39.857

Answers

23

If Switch 1 doesn't know what port the frame (not packet!) is meant to go to, it will flood all ports (except the port the frame originated from). One of those ports will be connected to Switch 2, which means Switch 2 gets the frame.

If Switch 2 doesn't know what port the frame is meant to go to, it will flood all ports (except the port the frame originated from). One of those ports will be connected to Computer B.

So Computer B eventually gets the frame, meanwhile all other devices ignore it.

Now you can connect the dots. When Computer B responds, Switch 2 will learn that frames destined for Computer A go to the port that has Switch 1 connected to it, and Switch 1 will learn that frames destined for Computer B go to the port that has Switch 2 connected to it.

misha256

Posted 2014-11-30T22:02:48.817

Reputation: 10 292

7so basically, switches act a bit like old-school hubs for unknown frames. – Sirex – 2014-11-30T23:20:23.023

2Exactly, which means there's always going to be some flooding, just not much or often. Ha, old school hubs. Reminds me of Satellite Internet in the 90s, where the receiver installed in your PC had to ignore all packets not intended for you. Talk about flooding! – misha256 – 2014-12-01T00:50:59.803

2What happens if we send a ping request? Will every device attached to the switch respond, or will the switch itself respond to the ICMP ping? – AStopher – 2014-12-01T12:56:52.980

@misha256 In fact, all modern Cable Internet Services and many Fiber Optic Internet Services still send all packets intended for your neighborhood (or maybe just your block or two) and your modem has to filter out the one that aren't yours. – Moshe Katz – 2014-12-02T01:25:26.713

6

Physical port on a switch counts as OSI layer 1. All MAC addresses that arrive into this particular port represent physical addresses of network devices (OSI layer 2). On each active port, there can be 0, 1 or more MAC (or CAM or whatever switch vendor names them) addresses. In fact, switch does not have a clue what type of device is connected without additional information (either administrator or some specially designed protocol tells more).

So, connecting a switch to another switch, all MAC addresses that one switch knows can be replicated to another switch. If it is a dummy switch, then all MAC addresses contribute to the same unnamed LAN. If it is a better one, it can have configured multiple virtual LANs (VLAN) and every VLAN has its own set of MAC addresses. They can be repeated in more than one VLAN.

If a switch receives the same physical address through more than one interface, it is usually detected and counted as "MAC flapping". It means that switch can not be sure through which port a packet with certain MAC address is to be sent.

Switches usually forget about MAC address on a port if it does not appear in last few minutes. This is good; otherwise switches can receive too much information which can be contradictory over the time.

Occasionally, due to network error or a hacker attack within a network, some device(s) can generate a lot of MAC announcements. If the number of announced MAC addresses is too high for switch to remember, it can decide to forget about optimal packet delivery. If not sure, on what port a MAC address resides, a packet can be transmitted to all ports like a broadcast (an attack with name arp-spoofing succeeded).

If administrator is aware of potential risks, it can pose a limit on how many different MAC addresses can possibly appear on each port. If it is known that through a port only one computer at a time is connected, then it can be configured as "we can have only one mac" (the type of port on your sketch from Computer A to Switch 1). If it is not known, or another switch is connected to a port, limit can be reasonably raised or even left as unlimited (on an average switch, unlimited is in fact few thousand).

Hope it helps.

Martin

Posted 2014-11-30T22:02:48.817

Reputation: 61

Asked: 2014-11-30T22:02:48.817

Viewed: 3 679 times

Active: 2014-12-01T02:40:31.790