If you are a junior admin in a small to medium organization then building campus network is simple. Buy several switches, connect desktops and switches together and that’s it. You don’t need any additional configuration, all switches work right out of the box. However, it’s important to understand how packet switching work to troubleshoot problems that can show up later in your work.
Switching works on TCP/IP Layer 2. It means that networking hardware logic operates with MAC addresses. Each time switch receives a packet from any workstation or server it remembers its MAC address and port it was received from. It’s called MAC address or switching table. When somebody wants to send a packet to an other host with particular IP address he sends an ARP request packet. Like tell me who has 12.34.56.78 IP address. Host replies with its MAC address and sender can form a package to it.
Initially switch has empty switching table and does not know where to send packets. When switch doesn’t have particular MAC address in its table it forwards (floods) the packet to all ports. If the next switch doesn’t know this MAC, it further forwards the packet. When packet finally reaches its destination, host answers and switch adds its MAC address into the table.
If you don’t use VLANs, all switches in your network form a broadcast domain. It means that when host sends a broadcast message, ARP request for example, and host with this IP address is powered off then this ARP request will traverse the whole network. It’s important to bear in mind that if you have many hosts in your network, broadcast messages can eventually slow it down. VLANs are usually a solution here.
Tags: address, ARP, broadcast, IP, layer, MAC, network, switch, switching, table, TCP/IP, VLAN
Niktips's Blog 
June 8, 2012 at 8:02 am |
Thanks a ton for this article, once again it is Crisp and clear. So this broadcast happens for every new host added to the network (Layer 2 switch). Once the switching table updates the mac-2-port address of all hosts it does not broadcast it. However, as long as new hosts are added it will broadcast. My question is – What if switching table knows the Mac of the machine, but the machine is powered off. In this case, wil broadcase happen ?
June 8, 2012 at 11:29 am |
No, it will send it to the specific port or simply discard it, if the host is connected directly to this switch and there is no link. But I believe it will remove the MAC address from the table after some amount of time not seeing packets from it. After that switch will start making broadcasts again. Switch can’t distinct between host being unknown or power off. This question is even more interesting in context of network loops. When there is a ring of three switches for example. Recipient host is powered off and packet sent to it loops between the switches. This is where Spanning Tree Protocol (STP) comes into the picture. But it’s a bit complicated to explain it here.