Quick Guide - Layer 2 Switching
LAYER 2 SWITCHING
- Switching breaks up a large collision domain into smaller ones. Switches operate at the Data
Link Layer and make their decisions using MAC addresses.
- Spanning Tree Protocol -- eliminates loops in a Layer-2 switched network.
- Collapsed backbone (pre-switch design) -- all hosts needed to go via the backbone to reach
any network services.
- Switches use ASICs (Application Specific Integrated Circuits) to build and maintain their
- Switches are faster than routers because they only look at MAC addresses. There is no
modification to the data packet.
- Bridges are software based, while switches are hardware based. Bridges can only have one
Spanning Tree instance per bridge; switches can have many. Bridges can only have up to 16
- Important Layer-2 switch functions:
- Address learning -- the source MAC address of each received frame is placed in a
- Forward/filter decisions -- after the destination MAC address is found in the table, the frame
is sent through the appropriate exit interface.
- Loop avoidance -- with the help of STP (Spanning Tree Protocol).
- If no loop avoidance scheme is in place, broadcast storms are possible.
- Thrashing -- when a switch is so busy updating the MAC table that it fails to forward a
- Spanning Tree Protocol -- DEC (now known as Compaq) created the original version of
STP. Later, IEEE introduced 802.1d, which is what all Cisco switches use. 802.1d is not
compatible with the DEC version.
- STP uses the spanning-tree algorithm (STA) to create a topology database, and then find and
destroy redundant links.
- Spanning Tree terms:
- Spanning Tree Protocol -- a bridge protocol that uses the STA to find redundant links and
create a topology database.
- Root Bridge -- this is the bridge with the lowest Bridge ID -- all decisions are made from the
perspective of this bridge.
- Bridge Protocol Data Unit (BPDU) -- switches exchange control information in BPDUs.
- Bridge ID -- 8 bytes long -- a combination of the bridge priority (32768 by default on all
switches) and the base MAC addresses. The lowest Bridge ID becomes the root bridge.
- Non-root Bridge.
- Root port -- a link directly connected to the root bridge, or the shortest path to the root
bridge. If more than one port leads to the root bridge, bandwidth is checked. The lowest cost
port becomes the root port.
- Designated port -- a forwarding port (can be a root port too) -- if a bridge has 2 ports and it
is not a root bridge, one of the ports is root, and the other is designated (forwarding).
- Port Cost -- determined by the bandwidth of a link.
- Non-designated port -- can be blocking or forwarding.
- Forwarding port.
- Blocked port -- a port that will not forward frames in order to prevent loops.
- BPDUs are sent every 2 seconds.
- Calculating STP cost -- new and original values:
- 10Gbps -- new cost 2, originally 1.
- 1Gbps -- new cost 4, originally 1.
- 100Mbps -- new cost 19, originally 10.
- 10Mbps -- new cost 100, originally 100.
- The 1900 series switches still use the original cost specifications.
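
The root bridge election and the cost table above, worked through in code. This is an added example, not part of the original guide: the switch names, MAC addresses, links and the priority value 4096 are constructed for illustration, and cost ties are broken by the upstream Bridge ID only (port IDs are ignored). It shows that when every switch keeps the default priority 32768, the lowest base MAC decides the root, and how root path costs differ between the new and original cost values.

```python
import heapq

# Port cost by link speed in Mbps, from the table above: (new, original).
STP_COST = {10_000: (2, 1), 1_000: (4, 1), 100: (19, 10), 10: (100, 100)}

def bridge_id(priority, mac):
    """8-byte Bridge ID: 2-byte priority followed by the 6-byte base MAC."""
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))

def elect_root(bridges):
    """bridges: name -> (priority, mac). The lowest Bridge ID becomes root."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))

def root_paths(bridges, links, original=False):
    """links: (bridge_a, bridge_b, speed_mbps) tuples.
    Returns name -> (upstream neighbor, root path cost) for each non-root bridge.
    Simplification: cost ties go to the lower upstream Bridge ID."""
    root = elect_root(bridges)
    adj = {name: [] for name in bridges}
    for a, b, mbps in links:
        cost = STP_COST[mbps][1 if original else 0]
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    done, heap = {}, [(0, b"", root, None)]
    while heap:
        cost, _, node, via = heapq.heappop(heap)
        if node in done:
            continue  # already reached over a cheaper path
        done[node] = (via, cost)
        for nbr, c in adj[node]:
            if nbr not in done:
                heapq.heappush(heap, (cost + c, bridge_id(*bridges[node]), nbr, node))
    del done[root]
    return done

# Constructed topology: names, MACs and links are made up for illustration.
DEFAULTS = {
    "core":   (32768, "00:1b:00:00:00:01"),
    "dist":   (32768, "00:1b:00:00:00:02"),
    "access": (32768, "00:05:00:00:00:03"),  # lowest MAC of the three
}
LINKS = [("core", "dist", 1_000), ("dist", "access", 1_000), ("core", "access", 100)]
# Same switches, with a lower priority (assumed value) configured on "core".
TUNED = {**DEFAULTS, "core": (4096, "00:1b:00:00:00:01")}

if __name__ == "__main__":
    for label, bridges in (("defaults", DEFAULTS), ("tuned", TUNED)):
        print(label, "root:", elect_root(bridges), root_paths(bridges, LINKS))
```

With the defaults, the access switch wins the election and the core reaches it through the distribution switch; lowering the priority on the core moves the root there.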
- Spanning Tree Port States:
- Blocking -- a blocked port does not forward frames. It just listens to BPDUs.
- Listening -- the port listens to BPDUs.
- Learning -- the port learns MAC addresses and builds a filter table, but does not forward
- Forwarding -- the port sends and receives all data.
- Switch ports are most often in either blocking or forwarding state, unless a change to the
network has just been made.
- Convergence -- the time it takes for a port to switch from blocking to forwarding mode, or
vice versa -- usually 50 seconds. No data is forwarded during this time. It is NOT
recommended to change the default STP timers.
- A root bridge ALWAYS has every port in forwarding mode.
- Switching Modes:
- Cut-Through -- the switch looks up the destination MAC address in the MAC filter table and
starts forwarding the frame immediately, before the whole frame has been received -- 13 bytes
into the frame. This method is fastest, but has no error checking.
- FragmentFree (Modified Cut-Through) -- the switch reads 64 bytes from the frame (waits
for the collision window to pass) and then forwards the frame. This is the default method for
1900 series switches. The first 64 bytes are where almost all errors happen.
- Store-and-Forward -- a complete frame is received, a CRC is run (invalid CRC is either <>
1518 bytes). This is the slowest method, but with the most error checking. Catalyst 5000
switches use this method, and the setting CANNOT be modified.