Try   HackMD
Packet Switching Concepts

Frame Forwarding

Learn and Forward

The following two-step process is performed on every Ethernet frame that enters a switch:

Learn - Examining the Source MAC Address

  • If the source MAC address does not exist in the MAC address table, the MAC address and incoming port number are added to the table.
  • If the source MAC address does exist, the switch updates the refresh timer for that entry. By default, most Ethernet switches keep an entry in the table for five minutes.
  • If the source MAC address exists in the table, but on a different port, the switch treats this as a new entry. The old entry is replaced using the same MAC address, but with the more current port number.

Forward - Examining the Destination MAC Address

  • If the destination MAC address is in the table, it will forward the frame out of the specified port.
  • If the destination MAC address is not in the table, the switch will forward the frame out of all ports except the incoming port. This is called an unknown unicast. If the destination MAC address is a broadcast or a multicast address, the frame is also flooded out all ports except the incoming port.

Store-and-Forward Switching

This method makes a forwarding decision on a frame after it has received the entire frame and checked the frame for errors using a mathematical error-checking mechanism known as a cyclic redundancy check (CRC). Store-and-forward switching is Cisco’s primary LAN switching method.

  • Error checking - After receiving the entire frame on the ingress port, the switch compares the frame check sequence (FCS) value in the last field of the datagram against its own FCS calculations. The FCS is an error checking process that helps to ensure that the frame is free of physical and data-link errors. If the frame is error-free, the switch forwards the frame. Otherwise, the frame is dropped.
  • Automatic buffering - The ingress port buffering process used by store-and-forward switches provides the flexibility to support any mix of Ethernet speeds. For example, handling an incoming frame traveling into a 100 Mbps Ethernet port that must be sent out a 1 Gbps interface would require using the store-and-forward method. With any mismatch in speeds between the ingress and egress ports, the switch stores the entire frame in a buffer, computes the FCS check, forwards it to the egress port buffer and then sends it.

Cut-Through Switching

This method begins the forwarding process after the destination MAC address of an incoming frame and the egress port have been determined.

While the store-and-forward switching method drops frames that do not pass the FCS check, the cut-through switching method does not perform an FCS check. This gives it the ability to perform rapid frame switching: the switch can make a forwarding decision as soon as it has looked up the destination MAC address of the frame in its MAC address table. The switch does not have to wait for the rest of the frame to enter the ingress port before making its forwarding decision.

The lower latency speed of cut-through switching makes it more appropriate for extremely demanding, high-performance computing (HPC) applications that require process-to-process latencies of 10 microseconds or less.

Because the cut-through switching method can forward frames with errors, this method can have a negative impact on bandwidth, clogging up the network with damaged and invalid frames.

Fragment free switching is a modified form of cut-through switching in which the switch only starts forwarding the frame after it has read the Type field. Fragment free switching provides better error checking than cut-through, with practically no increase in latency.

Collision and Broadcast Domains

Collision Domains

In legacy hub-based Ethernet segments, network devices competed for the shared medium. The network segments that share the same bandwidth between devices are known as collision domains. When two or more devices within the same collision domain try to communicate at the same time, a collision will occur.

If an Ethernet switch port is operating in half-duplex, each segment is in its own collision domain. If the switch port is connected to a device operating in half-duplex, such as a legacy hub, then the switch port will operate in half-duplex.

There are no collision domains when switch ports are operating in full-duplex.

Broadcast Domains

A collection of interconnected switches forms a single broadcast domain. When two switches are connected together, the size of the broadcast domain is increased. Only a network layer device, such as a router, can divide a Layer 2 broadcast domain. Routers are used to segment broadcast domains, but will also segment a collision domain.

The Layer 2 broadcast domain is referred to as the MAC broadcast domain. The MAC broadcast domain consists of all devices on the LAN that receive broadcast frames from a host.

When a switch receives a broadcast frame, it forwards the frame out each of its ports, except the ingress port where the broadcast frame was received. Too many broadcasts and a heavy traffic load on a network can result in congestion, which slows down network performance.

Last changed by 
Faelin Landy
0
619

Read more

Ruby on Rails Tutorial, pt. 1 – Ruby

Overview of the "Ruby" part of Ruby on Rails

Jan 25, 2024
ASA Firewall Configuration

ASA Firewall Configuration [toc] --- Getting Started ASA CLI Overview The ASA command line interface has a similar look and feel to the Cisco router IOS. However, the ASA CLI also has different commands. This table contrasts common IOS router and ASA commands.

Nov 21, 2021
Network Security Configuration

Network Security Configuration [toc] --- {%hackmd r8ZvM3noSwKf-NviH6Qb3Q %} Dynamic Routing Protocol Security Routing systems can be attacked by disrupting peer network routers, or by falsifying or spoofing the information carried within the routing protocols. Spoofing routing information may generally be used to cause systems to misinform each other, cause a DoS attack, or cause traffic to follow a path it would not normally follow.

Nov 21, 2021
VPN Configuration

VPN Configuration [toc] --- Overview To secure network traffic between sites and users, organizations use virtual private networks (VPNs) to create end-to-end private network connections. VPNs are private in that traffic over a VPN is encrypted to keep the data confidential while it is transported across a public network. :::info The first types of VPNs were strictly IP tunnels that did not include authentication or encryption of the data. For example, Generic Routing Encapsulation (GRE), which does not include encryption services, is used to encapsulate IPv4 and IPv6 traffic inside an IP tunnel to create a virtual point-to-point link.

Nov 18, 2021
Read more from Faelin Landy
Published on HackMD