Cisco Knowledge Suite Cisco SystemsCisco Press


From: Switched, Fast, and Gigabit Ethernet, Third Edition
Author: Sean Riley; Robert Breyer
Publisher: MTP

4. Layer 2 Ethernet Switching

This chapter discusses the theory, standards, and practical uses of Ethernet Layer 2 switching. It assumes you have read Chapter 3, “Ethernet, Fast Ethernet, and Gigabit Ethernet Standards.” This chapter focuses only on the Layer 2 aspects of Ethernet. Chapter 5, “VLANs and Layer 3 Switching,” discusses routing, virtual LANs, and Layer 3 switching.

In this chapter, we first examine the concept of a Layer 2 switch and the fact that it is actually a bridge under a different name. We look at how a switch functions and examine the different methods of switching, namely cut-through, store and forward, and modified cut-through, or error-free. We also look at some of the architectural features of switches, such as backplane capacity and shared memory. You won't see too many Ethernet bridging standards out there. We do, however, cover the old but proven IEEE 802.1D spanning-tree algorithm (STA).

For many years, Ethernet bridges didn't receive much attention. Recently, however, two new standards have been approved. We look at the new 802.3x full-duplex/flow-control standard that has greatly enhanced Ethernet switches of all speeds. We also discuss the new 802.3ad Link Aggregation proposal.

Ethernet has been given a new face recently—two faces in fact. Both Fast and Gigabit Ethernet are less than five years old, which is quite young compared to Ethernet's 25-year history. These two new technologies have increased the wire-speed capabilities of Ethernet dramatically, but switching has been an even bigger breakthrough than faster wire speeds. Without switches, Fast Ethernet would be limited to a network diameter of 200 meters, which is basically useless, except for very small installations. In some areas, switching provides a higher-quality connection than just raw bandwidth via Fast Ethernet. That other great foe of Ethernet, ATM, has been synonymous with switching. Ethernet switching represents the best of both worlds: backward compatibility with today's existing Ethernet frames and state-of-the-art connection switching technology.

Ethernet Bridging and Switching

Ethernet switches first appeared in 1991 when Kalpana launched the original EtherSwitch. (Kalpana was acquired by Cisco in 1994.) From an Ethernet perspective, however, switches are really just multiport bridges that have been around for many years. Technically, bridging is an OSI Layer 2 function, and all of today's common networking standards—such as the three different Ethernet standards, Token Ring, FDDI, and so on—can all be bridged. What differentiate today's switches from yesterday's bridges are the features and uses of these modern multiport bridges.

A few years ago, two-port Ethernet bridges were used to connect two different LANs together. Then vendors started building intelligent multiport bridges, which are essentially a number of two-port bridges connected together. Today, these multiport bridges have been enhanced and are called switches. These switches are now used within an existing network to disconnect or segment a larger LAN into many smaller ones.

Because bridging or switching is an OSI Layer 2 function, today's Ethernet switching is not a new IEEE standard at all; it is just an application of existing standards. If you skipped Chapter 3 and are not familiar with the OSI Layer 1, 2, and 3 functions, go back to the preceding chapter and take a quick look at Table 3.1 and Figure 3.1. Because this book has Switched in its title, we would like to provide you with some insights into the technology behind Ethernet switching. First, let's look at how bridges function. Then we will discuss the IEEE 802.1D spanning-tree protocol, which is the only IEEE specification relevant to bridges and switches.


A repeater is a network device that indiscriminately regenerates and forwards a received Ethernet frame, whether it's good or bad. Repeaters are known as passive, or shared, components of the network because they do not logically act on incoming frames. Repeaters just regenerate incoming signals, thus extending the diameter of the network. In this way, repeaters are invisible to network events such as collisions or errors, merely propagating them along. Hence, a repeater cannot extend the collision domain of a network. Repeaters enlarge an existing network.


Bridges and routers, on the other hand, connect different Ethernet LANs. Bridges perform basic frame filtering functions before retransmitting the incoming frame. Whereas repeaters forward all frames, a bridge forwards only those frames that are necessary. If a frame does not need to be forwarded, the bridge filters it out.

To connect an Ethernet LAN to an FDDI backbone, for example, would require either a bridge or a router. Because Ethernet and FDDI use different frame types, a translational bridge would be required.

Bridges also do speed matching: Regular 10Mbps Ethernet and 100Mbps Fast Ethernet can only be connected by means of a bridge.

Every Ethernet frame has two fields defined as the destination and source address. This tells a bridge where a frame originated and where it is ultimately destined. Figure 4.1 shows the structure of an Ethernet frame and the location of the destination and source addresses.

Figure 4.1. Bridges examine both the destination and source address of a received frame. The bridge forwards a frame according to its destination address.

Bridges look at an incoming Ethernet frame and analyze the destination address encapsulated in the frame's header. From this information, the bridge can check its internal memory of past frames and determine whether to forward the frame to another port or filter it out—that is, do nothing and discard the frame. In this way, bridges can isolate network traffic between network segments. Bridges also check for errors and don't forward damaged or incomplete frames.

A bridge works like a good postal mail delivery system. A bridge knows exactly where everyone resides. It delivers a piece of mail only to the intended recipient, looking at the address on every envelope and delivering the envelope to that particular address. If an envelope or frame is damaged or contains an error, a bridge mail system returns the damaged mail to the sender, with a note that says “damaged.”

A repeater works very differently. A repeater mail system uses the brute-force approach to mail delivery. A repeater makes a copy of every piece of mail it receives, and then delivers a copy to you and everyone in your neighborhood. You get not only your mail but also copies of everyone else's mail. You must decide which mail is actually intended for you. Damaged mail is copied and distributed just like regular mail. Repeaters typically are cheaper to buy than bridges because they don't need to be able to read, sort, or return damaged mail.

See Table 4.1 for a comparison of Ethernet repeaters and bridges.

Table 4.1. Comparing Ethernet repeaters and bridges
| Device Parameter | Repeater | Bridge |
|---|---|---|
| OSI layer | Layer 1/PHY | Layer 2/MAC |
| Number of hops | Five | Unlimited [1] |
| Looks at frames? | No, only regenerates entire frame | Yes, looks at individual address of every frame |
| Invisible device? | Yes | No |
| Port-port latency | <1µs | 50-1500 bit times [2] |
| Propagates errors? | Yes | No [3] |
| Network design implications? | Extends collision domain | Extends broadcast domain and divides collision domain |
| Principal use | Enlarges an existing network | Connects different networks [4] |

1 Theoretically, this number is unlimited. In reality, each bridge adds a delay. Too large a delay can cause higher-level problems.

2 The latency depends on two things: the frame size and the forwarding mechanism. See the “Switch Architectures and Performance” section.

3 Bridges do not forward Layer 2 type errors, such as runt or CRC error frames. Higher-level errors, such as Layer 3 errors, will be forwarded.

4 Routers can also connect different networks. We examine routers and Layer 3 in more detail in the next chapter.

An In-Depth Look at How Bridges Work

Let's look at bridges in a bit more detail. A bridge contains a MAC and PHY on every port as well as some internal bridging logic. With bridges, this logic is in the form of a CPU and some memory. With switches, the logic is embedded in hardware in some specially designed chips. Figure 4.2 shows a block diagram of a bridge.

Figure 4.2. Bridge internal block diagram. Bridges contain software-based learning and forwarding logic, whereas switches use hardware for this function.

The major components of a bridge are as follows:

  • MAC/PHY: A network interface card (NIC) consists of a MAC and a PHY. A bridge also contains a MAC and PHY on every port. This means that a bridge looks like multiple NICs coupled together. The bridge PHY will receive the incoming bit stream and pass it to the MAC, which reassembles the original frames.

  • Learning logic and source address table (SAT): The learning logic will look at the source address (SA) within a received frame and populate the source address table with three columns: MAC address, port number, and age. The MAC address is the same as the source address that a sender has embedded into the frame. The age item will be a date stamp to indicate when the last frame was received from a particular MAC SA. The port number in our case can be 1 or 2. The SAT is also known as the Bridge Forwarding Table (BFT).

  • Forwarding logic: Forwarding logic is the essential component of a bridge. It looks at the destination address (DA) of a received frame. This now becomes the new MAC address, which is then compared with the entries in the SAT.

Four different forwarding options are possible and are illustrated in Figure 4.3. Figure 4.4 shows the internal workings of the bridge learning and forwarding logic.

Let's take a look at how the bridge learning and forwarding logic works:

  • If the destination address is a specific address, known as a broadcast address, the frame is destined for all ports on the network. In this case, the bridge will forward the frame to all ports, except the one on which the frame was received. Figure 4.3 shows this case as destination address FFF. A broadcast address is six bytes with all ones, or FF.FF.FF.FF.FF.FF in hexadecimal notation.

  • If the MAC address is found in the SAT and the corresponding port number is different from the received port, the frame is forwarded to that particular port number only. This would be MAC address U sending a frame to MAC address X in Figure 4.3.

  • If the MAC address is found in the SAT and the port number is the same as the received port number, the frame is not forwarded; instead, it is discarded. This is known as filtering. The frame is discarded because the transmitting station and the receiving station are connected on the same shared LAN segment on that particular port and the receiver has already tuned into the frame. This would be MAC address V sending a frame to MAC address U in Figure 4.3.

  • If the MAC address is not found in the table, the frame is forwarded to all ports. The reason a particular destination address is not present in the SAT is that the receiving device could be new on the network, or the recipient has been very quiet (has not recently sent a frame). In both cases, the bridge SAT will not have a current entry. Flooding the frame on all ports is the brute-force way of ensuring that the frame definitely gets to its intended recipient. This would be MAC address X sending a frame to MAC address T, an unknown MAC address, in Figure 4.3.

  • Bridges use the age entry in the SAT to determine whether that MAC address is still in use on the LAN. If the age has exceeded a certain preset value, the entry is removed. This conserves memory space and makes the bridge faster because fewer entries need to be scanned for address matching.

  • Finally, the frame buffers will store frames on each port in case there is a backlog of frames to be forwarded.

Figure 4.3. Bridges have three alternative methods of processing a frame: forwarding to a known MAC address, filtering a frame, or flooding it on all ports.
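
The learning, aging, and forwarding steps listed above can be traced in a few lines of code. The following Python sketch is an added example, not code from the book: the station addresses, the port layout (U and V on port 1, X on port 2, T silent), and the 300-second aging limit are constructed for illustration.

```python
from dataclasses import dataclass, field

BROADCAST = bytes.fromhex("ffffffffffff")    # FF.FF.FF.FF.FF.FF

def parse_addresses(frame):
    """Return (DA, SA): the DA is bytes 0-5 of the frame, the SA bytes 6-11."""
    if len(frame) < 14:                      # DA + SA + type/length field
        raise ValueError("truncated Ethernet header")
    return frame[0:6], frame[6:12]

@dataclass
class Bridge:
    ports: tuple = (1, 2)
    max_age: float = 300.0                   # assumed preset aging limit, seconds
    sat: dict = field(default_factory=dict)  # MAC -> (port, time last seen)

    def age_out(self, now):
        """Remove SAT entries that have not been refreshed within max_age."""
        stale = [m for m, (_, seen) in self.sat.items() if now - seen > self.max_age]
        for mac in stale:
            del self.sat[mac]

    def receive(self, frame, in_port, now):
        """Learn from the SA, then return (action, output ports) for the DA."""
        da, sa = parse_addresses(frame)
        self.age_out(now)
        self.sat[sa] = (in_port, now)        # learning logic: MAC, port, age
        others = [p for p in self.ports if p != in_port]
        if da == BROADCAST:
            return "broadcast", others       # all ports except the receiving one
        entry = self.sat.get(da)
        if entry is None:
            return "flood", others           # unknown DA
        if entry[0] == in_port:
            return "filter", []              # sender and receiver share the segment
        return "forward", [entry[0]]         # known DA on a different port

# Constructed stations (locally administered MAC addresses).
U, V, X, T = (bytes.fromhex("02000000000" + d) for d in "1234")

def make_frame(da, sa, payload=b"constructed payload"):
    return da + sa + b"\x08\x00" + payload

def run_demo():
    bridge = Bridge()
    steps = [  # (time, receiving port, SA, DA)
        (0, 1, U, BROADCAST),   # U announces itself
        (1, 2, X, U),           # U is known on port 1
        (2, 1, U, X),           # X is known on port 2
        (3, 1, V, U),           # both on port 1
        (4, 2, X, T),           # T has never transmitted
        (400, 1, V, U),         # U's entry (last seen at t=2) has aged out
    ]
    return [bridge.receive(make_frame(da, sa), port, t) for t, port, sa, da in steps]

if __name__ == "__main__":
    for result in run_demo():
        print(result)
```

The last step shows the effect of aging: a frame that was filtered at t=3 is flooded at t=400 because the bridge no longer has a current entry for U.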


A router is an OSI Layer 3 device. Ethernet and bridges use frames, whereas routers work in packets. The Layer 3 software—for example, NetWare IPX or TCP/IP—generates the packet. Packet and frame sizes are not related. If a packet is larger than what a frame can carry, the packet needs to be split into multiple frames. This is called fragmentation.

Bridges use MAC addresses in frames, whereas routers use the network address information in packets to make forwarding decisions.

Routers have traditionally been used for two purposes:

  • Routers link networks over extended distances, also known as WANs. WAN traffic often can travel over multiple routes, and the different routers along the way choose the fastest or cheapest cost route (hence the term router).

  • Routers are required to connect dissimilar LANs. For example, an Ethernet LAN is often connected to an FDDI backbone through a router, which analyzes each individual Ethernet frame, regenerates the original packet, and then reconverts it into new FDDI frames. Translational bridges can accomplish the same thing, but only if the same protocol is used on the two different LANs.

Figure 4.4. The flow diagram of a bridge. Contrast this with the flow diagram of a repeater, shown in Figure 3.14 in Chapter 3.

Over the past few years, high-performance routers have also become popular for linking homogeneous LANs, such as different smaller Ethernets within a larger company. In such situations, these routers effectively replace bridges and are sometimes called segmentation routers. Some people use routers in large networks because bridges have some drawbacks that do not affect routers.

Until recently, the term switching has been synonymous with a Layer 2 bridging function. These days, switching seems to be the latest buzzword in the networking industry, and numerous networking vendors have started talking about the concept of “Layer 3 switching.” This is getting quite confusing because a Layer 3 switch is technically still a router, just as a Layer 2 switch is still a bridge. We examine Layer 3 routers and Layer 3 switches in more detail in Chapter 5.

The 802.1D Spanning-Tree Algorithm

Bridges were originally designed to connect different LANs together. Bridges do not allow for multiple active parallel paths between different LAN segments. Parallel paths create loops, which bridges cannot handle. If multiple paths exist, this would mean duplicate entries in different bridges, causing excess traffic flow and false entries in the SATs. Worse still, if a broadcast or flooded frame enters a parallel bridge network, the broadcasts start circulating and will grow on themselves. Ultimately, the single broadcast can turn into a broadcast storm, which will completely overload the network and bring it to its knees. The spanning-tree algorithm was invented many years ago by Radia Perlman of Digital Equipment Corporation to deal with this problem. The following are some important points about the spanning-tree algorithm (STA):

  • Bridges build a logical tree-like structure by exchanging information about the topology of the overall network. All bridges send out specific frames, called bridge protocol data units (BPDUs), to build the tree.

  • The STA is always active. During power-up time, the individual bridges communicate via BPDUs to build the initial tree, which takes between 15 and 50 seconds. The base of the tree, or root, is determined in such a way as to provide only one possible data path between any two different bridges within the bridging fabric. At this time, the STA also eliminates circular paths by temporarily disconnecting all parallel links. These parallel links are in effect dormant, to be reactivated later if needed. By eliminating parallel links, the STA has, in effect, built a structure that looks like a tree, with the root or master bridge located at the base.

  • The STA allows for redundant or parallel backup links. The dynamic nature of STA means that if an existing link (or branch) between two bridges is broken, the STA will reactivate a dormant link in less than a minute. This provides bridged networks with an element of resiliency.

  • The STA became an IEEE standard in 1990 and is known as 802.1D. The STA used to be an optional feature with early bridges. These days, all bridges and switches incorporate this feature. The STA can be turned off with most bridges.

  • Unlike bridges, routers do allow for multiple active paths. In fact, routers have enough intelligence to take advantage of multiple paths for both redundancy and cost optimization. Routers use algorithms similar to the STA to determine the optimum path between two stations connected via a WAN.

Figure 4.5 shows a bridged network topology with multiple paths.

Figure 4.5. A network with parallel bridged paths showing how STA has created a tree configuration. Dotted lines indicate parallel links disabled by the STA.
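
To see why loops are fatal to flooding and what the tree buys, the following Python sketch (an added example, not code from the book) floods one broadcast through a constructed four-bridge topology with and without the spanning tree, then breaks a link and recomputes. It is a simplified model: the tree is computed centrally rather than by BPDU exchange, all links are assumed to have equal cost, and the root is the bridge with the lowest ID, which is the 802.1D election rule.

```python
from collections import deque

def spanning_tree(bridges, links):
    """Return (root, active links, blocked links) for a bridged topology."""
    root = min(bridges)                      # lowest bridge ID becomes the root
    neighbours = {b: [] for b in bridges}
    for a, b in links:
        neighbours[a].append(b)
        neighbours[b].append(a)
    active, seen, queue = set(), {root}, deque([root])
    while queue:                             # breadth-first: shortest path to root
        here = queue.popleft()
        for nxt in sorted(neighbours[here]): # tie-break on lowest neighbour ID
            if nxt not in seen:
                seen.add(nxt)
                active.add(frozenset((here, nxt)))
                queue.append(nxt)
    return root, active, {frozenset(l) for l in links} - active

def flood(links, start, hops):
    """Count copies of one broadcast in flight after each hop.

    Every bridge forwards a copy on all of its links except the one the
    copy arrived on, exactly as a bridge treats a broadcast frame."""
    in_flight, counts = [(start, None)], []
    for _ in range(hops):
        nxt = []
        for bridge, came_from in in_flight:
            for link in links:
                if bridge in link and link != came_from:
                    (other,) = link - {bridge}
                    nxt.append((other, link))
        in_flight = nxt
        counts.append(len(in_flight))
    return counts

# Constructed topology: four bridges, five links, several parallel paths.
BRIDGES = [1, 2, 3, 4]
LINKS = [(1, 2), (1, 3), (2, 3), (2, 4), (3, 4)]

def run_demo():
    root, active, blocked = spanning_tree(BRIDGES, LINKS)
    storm = flood({frozenset(l) for l in LINKS}, root, 6)   # STA turned off
    tree = flood(active, root, 6)                           # STA running
    # Break link 1-2 and recompute: dormant links come back into service.
    remaining = [l for l in LINKS if l != (1, 2)]
    _, active_after_failure, _ = spanning_tree(BRIDGES, remaining)
    return root, blocked, storm, tree, active_after_failure

if __name__ == "__main__":
    for item in run_demo():
        print(item)
```

With all links active the number of copies keeps growing with every hop, while on the tree the broadcast reaches every bridge and dies out after three hops.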

Differences Between Bridges and Switches

A switch connects a sender and a receiver in real time. A telephone switch is the best example. Even the old, manual exchanges were true switches. The only thing that has changed is that the destination address can be dialed in automatically these days. A bridge, on the other hand, stores the data for a limited time period before forwarding it to the destination.

By definition, a switch relies on some sort of permanent or temporary electrical connection to exist between sender and receiver. If the data is temporarily stored, like in a bridge, one could argue that technically the device is no longer a switch. Because the data is often only stored for a fraction of a second, or fractions of a frame, however, we won't debate the nuances here of what constitutes a switch and what doesn't. Therefore, from an Ethernet perspective, switches are multiport bridges.

Some other architectural differences between bridges and switches include the following:

  • The heart of a bridge (or router, for that matter) is a microprocessor and the associated program memory to run the bridging software. Switches, on the other hand, have no reprogrammable intelligence to bridge the data (for example, a CPU and associated program memory and software). The switching function is performed in hardware or silicon. In this case, the hardware has sufficient intelligence to examine each frame and decide to which port to send it. These chips are not programmable, however; all they can do is analyze and forward Ethernet frames. (Today's switches often contain a CPU for network management, configuration, STA, and so on. The key is that the CPU does not involve itself in the forwarding of every single frame.)

  • Switches are much cheaper than bridges; their initial cost is lower, and they have achieved higher production volumes over time.

  • Bridges can analyze and forward only one frame at a time. Switches, on the other hand, have multiple parallel data paths. Switches use temporary, or virtual, connections to connect source and destination ports for the time it takes to forward a frame. After the frame has been sent from source to destination, the virtual connection is terminated. To accommodate these multiple data paths, a switch needs to have a backplane that has enough capacity to carry all the data from multiple ports simultaneously. Bridges typically are bandwidth-limited by the CPU and its I/O capabilities. The switched parallel approach means that switches are much faster than conventional bridges.

  • Switches feature different forwarding mechanisms, such as cut-through or store-and-forward, whereas bridges use only the store-and-forward methodology.

  • The biggest difference between switches and bridges is the positioning. Yesterday's bridges were relatively slow and expensive devices that were sold to connect different LANs together. Today's switches are fast and cheap, and they most often are used to improve the speed of an existing network.




© Copyright 2000 InformIT. All rights reserved.