Network switch: Difference between revisions

Content deleted Content added

Inline

Latest revision as of 22:30, 29 April 2024

Avaya ERS 2550T-PWR, a 50-port Ethernet switch

A network switch (also called switching hub, bridging hub, and, by the IEEE, MAC bridge^[1]) is networking hardware that connects devices on a computer network by using packet switching to receive and forward data to the destination device.

A network switch is a multiport network bridge that uses MAC addresses to forward data at the data link layer (layer 2) of the OSI model. Some switches can also forward data at the network layer (layer 3) by additionally incorporating routing functionality. Such switches are commonly known as layer-3 switches or multilayer switches.^[2]

Switches for Ethernet are the most common form of network switch. The first MAC Bridge^[3]^[4]^[5] was invented^[6] in 1983 by Mark Kempf, an engineer in the Networking Advanced Development group of Digital Equipment Corporation. The first 2 port Bridge product (LANBridge 100) was introduced by that company shortly after. The company subsequently produced multi-port switches for both Ethernet and FDDI such as GigaSwitch. Digital decided to license its MAC Bridge patent in a royalty-free, non-discriminatory basis that allowed IEEE standardization. This permitted a number of other companies to produce multi-port switches, including Kalpana.^[7] Ethernet was initially a shared-access medium, but the introduction of the MAC bridge began its transformation into its most-common point-to-point form without a collision domain. Switches also exist for other types of networks including Fibre Channel, Asynchronous Transfer Mode, and InfiniBand.

Unlike repeater hubs, which broadcast the same data out of each port and let the devices pick out the data addressed to them, a network switch learns the Ethernet addresses of connected devices and then only forwards data to the port connected to the device to which it is addressed.^[8]

Overview[edit]

Cisco small business SG300-28 28-port Gigabit Ethernet rackmount switch and its internals

A switch is a device in a computer network that connects other devices together. Multiple data cables are plugged into a switch to enable communication between different networked devices. Switches manage the flow of data across a network by transmitting a received network packet only to the one or more devices for which the packet is intended. Each networked device connected to a switch can be identified by its network address, allowing the switch to direct the flow of traffic maximizing the security and efficiency of the network.

A switch is more intelligent than an Ethernet hub, which simply retransmits packets out of every port of the hub except the port on which the packet was received, unable to distinguish different recipients, and achieving an overall lower network efficiency.

An Ethernet switch operates at the data link layer (layer 2) of the OSI model to create a separate collision domain for each switch port. Each device connected to a switch port can transfer data to any of the other ports at any time and the transmissions will not interfere.^[a] Because broadcasts are still being forwarded to all connected devices by the switch, the newly formed network segment continues to be a broadcast domain. Switches may also operate at higher layers of the OSI model, including the network layer and above. A switch that also operates at these higher layers is known as a multilayer switch.

Segmentation involves the use of a switch to split a larger collision domain into smaller ones in order to reduce collision probability and to improve overall network throughput. In the extreme case (i.e. micro-segmentation), each device is directly connected to a switch port dedicated to the device. In contrast to an Ethernet hub, there is a separate collision domain on each switch port. This allows computers to have dedicated bandwidth on point-to-point connections to the network and also to run in full-duplex mode. Full-duplex mode has only one transmitter and one receiver per collision domain, making collisions impossible.

The network switch plays an integral role in most modern Ethernet local area networks (LANs). Mid-to-large-sized LANs contain a number of linked managed switches. Small office/home office (SOHO) applications typically use a single switch, or an all-purpose device such as a residential gateway to access small office/home broadband services such as DSL or cable Internet. In most of these cases, the end-user device contains a router and components that interface to the particular physical broadband technology.

Many switches have pluggable modules, such as Small Form-factor Pluggable (SFP) modules. These modules often contain a transceiver that connects the switch to a physical medium, such as a fiber optic cable.^[10]^[11] These modules were preceded by Medium Attachment Units connected via Attachment Unit Interfaces to switches^[12]^[13] and have evolved over time: the first modules were Gigabit interface converters, followed by XENPAK modules, SFP modules, XFP transceivers, SFP+ modules, QSFP,^[14] QSFP-DD,^[15] and OSFP^[16] modules. Pluggable modules are also used for transmitting video in broadcast applications.^[17]^[18]

Role in a network[edit]

Switches are most commonly used as the network connection point for hosts at the edge of a network. In the hierarchical internetworking model and similar network architectures, switches are also used deeper in the network to provide connections between the switches at the edge.

In switches intended for commercial use, built-in or modular interfaces make it possible to connect different types of networks, including Ethernet, Fibre Channel, RapidIO, ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the layers mentioned. While the layer-2 functionality is adequate for bandwidth-shifting within one technology, interconnecting technologies such as Ethernet and Token Ring is performed more easily at layer 3 or via routing.^[19] Devices that interconnect at the layer 3 are traditionally called routers.^[20]

Where there is a need for a great deal of analysis of network performance and security, switches may be connected between WAN routers as places for analytic modules. Some vendors provide firewall,^[21]^[22] network intrusion detection,^[23] and performance analysis modules that can plug into switch ports. Some of these functions may be on combined modules.^[24]

Through port mirroring, a switch can create a mirror image of data that can go to an external device, such as intrusion detection systems and packet sniffers.

A modern switch may implement power over Ethernet (PoE), which avoids the need for attached devices, such as a VoIP phone or wireless access point, to have a separate power supply. Since switches can have redundant power circuits connected to uninterruptible power supplies, the connected device can continue operating even when regular office power fails.

In 1989 and 1990, Kalpana introduced the first multiport Ethernet switch, its seven-port EtherSwitch.^[25]

Bridging[edit]

A modular network switch with three network modules (a total of 36 Ethernet ports) and one power supply

Modern commercial switches primarily use Ethernet interfaces. The core function of an Ethernet switch is to provide multiple ports of layer-2 bridging. Layer-1 functionality is required in all switches in support of the higher layers. Many switches also perform operations at other layers. A device capable of more than bridging is known as a multilayer switch.

A layer 2 network device is a multiport device that uses hardware addresses (MAC addresses) to process and forward data at the data link layer (layer 2).

A switch operating as a network bridge may interconnect otherwise separate layer 2 networks. The bridge learns the MAC address of each connected device, storing this data in a table that maps MAC addresses to ports. This table is often implemented using high-speed content-addressable memory (CAM), some vendors refer to the MAC address table as a CAM table.

Bridges also buffer an incoming packet and adapt the transmission speed to that of the outgoing port. While there are specialized applications, such as storage area networks, where the input and output interfaces are the same bandwidth, this is not always the case in general LAN applications. In LANs, a switch used for end-user access typically concentrates lower bandwidth and uplinks into a higher bandwidth.

The Ethernet header at the start of the frame contains all the information required to make a forwarding decision, some high-performance switches can begin forwarding the frame to the destination whilst still receiving the frame payload from the sender. This cut-through switching can significantly reduce latency through the switch.

Interconnects between switches may be regulated using the spanning tree protocol (STP) that disables forwarding on links so that the resulting local area network is a tree without switching loops. In contrast to routers, spanning tree bridges must have topologies with only one active path between two points. Shortest path bridging and TRILL (Transparent Interconnection of Lots of Links) are layer 2 alternatives to STP which allow all paths to be active with multiple equal cost paths.^[26]^[27]

Types[edit]

Form factors[edit]

Switches are available in many form factors, including stand-alone, desktop units which are typically intended to be used in a home or office environment outside a wiring closet; rack-mounted switches for use in an equipment rack or an enclosure; DIN rail mounted for use in industrial environments; and small installation switches, mounted into a cable duct, floor box or communications tower, as found, for example, in fiber to the office infrastructures.

Rack-mounted switches may be stand-alone units, stackable switches or large chassis units with swappable line cards.

Configuration options[edit]

Unmanaged switches have no configuration interface or options. They are plug and play. They are typically the least expensive switches, and therefore often used in a small office/home office environment. Unmanaged switches can be desktop or rack mounted.^[28]
Managed switches have one or more methods to modify the operation of the switch. Common management methods include: a command-line interface (CLI) accessed via serial console, telnet or Secure Shell, an embedded Simple Network Management Protocol (SNMP) agent allowing management from a remote console or management station, or a web interface for management from a web browser. Two sub-classes of managed switches are smart and enterprise-managed switches.^[28]
Smart switches (aka intelligent switches) are managed switches with a limited set of management features. Likewise, "web-managed" switches are switches that fall into a market niche between unmanaged and managed. For a price much lower than a fully managed switch they provide a web interface (and usually no CLI access) and allow configuration of basic settings, such as VLANs, port-bandwidth and duplex.^[29]^[28]
Enterprise managed switches (aka managed switches) have a full set of management features, including CLI, SNMP agent, and web interface. They may have additional features to manipulate configurations, such as the ability to display, modify, backup and restore configurations. Compared with smart switches, enterprise switches have more features that can be customized or optimized and are generally more expensive than smart switches. Enterprise switches are typically found in networks with a larger number of switches and connections, where centralized management is a significant savings in administrative time and effort. A stackable switch is a type of enterprise-managed switch.

Typical management features[edit]

Centralized configuration management and configuration distribution
Enable and disable ports
Link bandwidth and duplex settings
Quality of service configuration and monitoring
MAC filtering and other access control list features
Configuration of Spanning Tree Protocol (STP) and Shortest Path Bridging (SPB) features
Simple Network Management Protocol (SNMP) monitoring of device and link health
Port mirroring for monitoring traffic and troubleshooting
Link aggregation configuration to set up multiple ports for the same connection to achieve higher data transfer rates and reliability
VLAN configuration and port assignments including IEEE 802.1Q tagging
NTP (Network Time Protocol) synchronization
Network Access Control features such as IEEE 802.1X
LLDP (Link Layer Discovery Protocol)
IGMP snooping for control of multicast traffic

Traffic monitoring[edit]

It is difficult to monitor traffic that is bridged using a switch because only the sending and receiving ports can see the traffic.

Methods that are specifically designed to allow a network analyst to monitor traffic include:

Port mirroring – Because the purpose of a switch is to not forward traffic to network segments where it would be superfluous, a node attached to a switch cannot monitor traffic on other segments. Port mirroring is how this problem is addressed in switched networks: In addition to the usual behavior of forwarding frames only to ports through which they might reach their addressees, the switch forwards frames received through a given monitored port to a designated monitoring port, allowing analysis of traffic that would otherwise not be visible through the switch.
SMON – "Switch Monitoring" is described by RFC 2613 and is a protocol for controlling facilities such as port mirroring.
RMON^[30]
sFlow

These monitoring features are rarely present on consumer-grade switches. Other monitoring methods include connecting a layer-1 hub or network tap between the monitored device and its switch port.^[31]

Notes[edit]

^ In half duplex mode, each switch port can only either receive from or transmit to its connected device at a certain time. In full duplex mode, each switch port can simultaneously transmit and receive, assuming the connected device also supports full-duplex mode.^[9]

References[edit]

^ IEEE 802.1D
^ Thayumanavan Sridhar (September 1998). "Layer 2 and Layer 3 Switch Evolution". cisco.com. The Internet Protocol Journal. Cisco Systems. Retrieved 2014-08-05.
^ Stewart, Robert; Hawe, William; Kirby, Alan (April 1984). "Local Area Network Connection". Telecommunications.
^ W. Hawe, A. Kirby, A. Lauck, "An Architecture for Transparently Interconnecting IEEE 802 Local Area Networks", technical paper submitted to the IEEE 802 committee, document IEEE-802.85*1.96, San Diego CA, October 1984.
^ Hawe, William; Kirby, Alan; Stewart, Robert (1987). Advances in Local Area Networks. IEEE Press. pp. Chapter 28. ISBN 0-87942-217-3.
^ US 4597078, "Bridge circuit for interconnecting networks"
^ Robert J. Kohlhepp (2000-10-02). "The 10 Most Important Products of the Decade". Network Computing. Archived from the original on 2010-01-05. Retrieved 2008-02-25.
^ "Hubs Versus Switches – Understand the Tradeoffs" (PDF). ccontrols.com. 2002. Retrieved 2013-12-10.
^ "Cisco Networking Academy's Introduction to Basic Switching Concepts and Configuration". Cisco Systems. 2014-03-31. Retrieved 2015-08-17.
^ "Evolutionary trends in pluggable optical modules". January 2004.
^ https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6800/hardware/installation/guide/b_c6800_modules/b_c6800_modules_appendix_0111.pdf
^ Minoli, Daniel (2003). Telecommunications Technology Handbook. Artech House. ISBN 978-1-58053-708-7.
^ "Network World". 25 December 1995 – 1 January 1996.
^ "Fiber optics weekly update".
^ https://www.edn.com/qsfp-dd-pluggable-modules-boost-data-density/
^ "OSFP MSA unveils OSFP 4.0 Specification for additional 800G module applications, eyes 1.6T". 7 June 2021.
^ "The evolution of the pluggable module". August 2012.
^ "Understanding IP Broadcast Production Networks: Part 2 - Routers & Switches - the Broadcast Bridge - Connecting IT to Broadcast". 30 May 2023.
^ Joe Efferson; Ted Gary; Bob Nevins (February 2002). "Token-Ring to Ethernet Migration" (PDF). IBM. p. 13. Archived from the original (PDF) on 2015-09-24. Retrieved 2015-08-11.
^ Thayumanavan Sridhar (September 1998). "The Internet Protocol Journal - Volume 1, No. 2: Layer 2 and Layer 3 Switch Evolution". Cisco Systems. Retrieved 2015-08-11.
^ Cisco Catalyst 6500 Series Firewall Services Module, Cisco Systems, 2007
^ Switch 8800 Firewall Module, 3Com Corporation, 2006
^ Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Module, Cisco Systems, 2007
^ Getting Started with Check Point Fire Wall-1, Checkpoint Software Technologies Ltd., n.d.
^ Robert J. Kohlhepp (October 2, 2000). "The 10 Most Important Products of the Decade". Network Computing. Archived from the original on January 5, 2010. Retrieved February 25, 2008.
^ Peter Ashwood-Smith (24 February 2011). "Shortest Path Bridging IEEE 802.1aq Overview" (PDF). Huawei. Archived from the original (PDF) on 15 May 2013. Retrieved 11 May 2012.
^ "IEEE Approves New IEEE 802.1aq Shortest Path Bridging Standard". Tech Power Up. 7 May 2012. Retrieved 11 May 2012.
^ ^a ^b ^c "Understanding the different types of Ethernet Switches". Retrieved 2021-04-29.
^ "Tech specs for a sample HP "web-managed" switch". Archived from the original on December 13, 2007. Retrieved 2007-05-25.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
^ Remote Network Monitoring Management Information Base, RFC 2819, S. Waldbusser, May 2000
^ "How to Build a Miniature Network Monitor Device". 6 October 2016. Retrieved 2019-01-08.

External links[edit]

What to consider when buying an Ethernet Switch

[10] In half duplex mode, each switch port can only either receive from or transmit to its connected device at a certain time. In full duplex mode, each switch port can simultaneously transmit and receive, assuming the connected device also supports full-duplex mode.^[9]

[1] IEEE 802.1D

[layer3-2] Thayumanavan Sridhar (September 1998). "Layer 2 and Layer 3 Switch Evolution". cisco.com. The Internet Protocol Journal. Cisco Systems. Retrieved 2014-08-05.

[3] Stewart, Robert; Hawe, William; Kirby, Alan (April 1984). "Local Area Network Connection". Telecommunications.

[4] W. Hawe, A. Kirby, A. Lauck, "An Architecture for Transparently Interconnecting IEEE 802 Local Area Networks", technical paper submitted to the IEEE 802 committee, document IEEE-802.85*1.96, San Diego CA, October 1984.

[5] Hawe, William; Kirby, Alan; Stewart, Robert (1987). Advances in Local Area Networks. IEEE Press. pp. Chapter 28. ISBN 0-87942-217-3.

[6] US 4597078, "Bridge circuit for interconnecting networks"

[7] Robert J. Kohlhepp (2000-10-02). "The 10 Most Important Products of the Decade". Network Computing. Archived from the original on 2010-01-05. Retrieved 2008-02-25.

[8] "Hubs Versus Switches – Understand the Tradeoffs" (PDF). ccontrols.com. 2002. Retrieved 2013-12-10.

[9] "Cisco Networking Academy's Introduction to Basic Switching Concepts and Configuration". Cisco Systems. 2014-03-31. Retrieved 2015-08-17.

[11] "Evolutionary trends in pluggable optical modules". January 2004.

[12] ttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6800/hardware/installation/guide/b_c6800_modules/b_c6800_modules_appendix_0111.pdf

[13] Minoli, Daniel (2003). Telecommunications Technology Handbook. Artech House. ISBN 978-1-58053-708-7.

[14] "Network World". 25 December 1995 – 1 January 1996.

[15] "Fiber optics weekly update".

[16] ttps://www.edn.com/qsfp-dd-pluggable-modules-boost-data-density/

[17] "OSFP MSA unveils OSFP 4.0 Specification for additional 800G module applications, eyes 1.6T". 7 June 2021.

[18] "The evolution of the pluggable module". August 2012.

[19] "Understanding IP Broadcast Production Networks: Part 2 - Routers & Switches - the Broadcast Bridge - Connecting IT to Broadcast". 30 May 2023.

[20] Joe Efferson; Ted Gary; Bob Nevins (February 2002). "Token-Ring to Ethernet Migration" (PDF). IBM. p. 13. Archived from the original (PDF) on 2015-09-24. Retrieved 2015-08-11.

[21] Thayumanavan Sridhar (September 1998). "The Internet Protocol Journal - Volume 1, No. 2: Layer 2 and Layer 3 Switch Evolution". Cisco Systems. Retrieved 2015-08-11.

[22] Cisco Catalyst 6500 Series Firewall Services Module, Cisco Systems, 2007

[23] Switch 8800 Firewall Module, 3Com Corporation, 2006

[24] Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Module, Cisco Systems, 2007

[25] Getting Started with Check Point Fire Wall-1, Checkpoint Software Technologies Ltd., n.d.

[networkcomputing_2000-26] Robert J. Kohlhepp (October 2, 2000). "The 10 Most Important Products of the Decade". Network Computing. Archived from the original on January 5, 2010. Retrieved February 25, 2008.

[27] Peter Ashwood-Smith (24 February 2011). "Shortest Path Bridging IEEE 802.1aq Overview" (PDF). Huawei. Archived from the original (PDF) on 15 May 2013. Retrieved 11 May 2012.

[28] "IEEE Approves New IEEE 802.1aq Shortest Path Bridging Standard". Tech Power Up. 7 May 2012. Retrieved 11 May 2012.

[Cisco-29] "Understanding the different types of Ethernet Switches". Retrieved 2021-04-29.

[30] "Tech specs for a sample HP "web-managed" switch". Archived from the original on December 13, 2007. Retrieved 2007-05-25.{{cite web}}: CS1 maint: bot: original URL status unknown (link)

[31] Remote Network Monitoring Management Information Base, RFC 2819, S. Waldbusser, May 2000

[32] "How to Build a Miniature Network Monitor Device". 6 October 2016. Retrieved 2019-01-08.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[a]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]

[24]

[25]

[26]

[27]

[28]

[29]

[30]

[31]

[9]