them will lead to the destination.
Hopefully, flooding doesn’t happen too often. There’s a very good chance that the destination device will receive the packet and send a reply back to the sender. In that case, the switch will record the MAC address of the recipient in its table. Then, the next time a packet intended for that destination is reached, the switch will be able to forward it to the correct port rather than flood the network again.
Looking Deeper into Switches
In the previous sections, you learned about the three basic functions of a switch:
Learning: The switch learns what devices are reachable on each of its ports.
Forwarding: The switch forwards incoming packets just to the correct port based on the intended destination.
Flooding: The switch forwards incoming packets to all ports when it hasn’t yet learned how to reach the intended destination.
In the following sections, I dig deeper into the operation of switches to explain more about how they operate.
Collision domains
One of the main benefits of switches over hubs is that switches minimize the frequency of collisions on the network. Consider a four-port switch in which Computers 1, 2, 3, and 4 are connected to ports 1, 2, 3, and 4. If port 1 receives a packet from Computer 1 that is intended for Computer 2, the switch will forward the packet to port 2. If, at the same time, port 3 receives a packet intended for Computer 4, the switch will forward that packet to port 4. Both of these packets can travel on the network at the same time because at no time will they exist on the same set of network interfaces or cables. Thus, the packets will never collide.
In contrast, if these four computers were connected with a hub, the packets would collide because the two packets would be forwarded to all the ports, not just the ports connected to the destination computers.
This reduction of collisions is so fundamental to what a switch does that a common definition of what a switch is reads like this: A switch is a device that divides collision domains. A collision domain is a segment of a network on which collisions are possible. In an old-style Ethernet network built with hubs, the entire network is a single collision domain because all the network interfaces that connect to the network will see all packets that travel on the network. But when a switch is used, the network is divided into separate collision domains.
In a switched network, each collision domain consists of just two network interfaces: the port on the switch and the port on the destination device (typically a computer, but possibly another switch). An eight-port switch divides a single collision domain with eight devices into eight separate collision domains, each with only two devices.
Switches don’t completely eliminate collisions. For example, suppose a switch has received a packet intended for a computer, and that computer attempts to send a packet at the same moment that the switch attempts to forward the received packet to the computer. In that case, the two packets collide, and both the switch and the computer must wait and try again a bit later.
Bridging
A bridge is a device that is very similar to a switch, but it typically has fewer ports — perhaps as few as two. The primary purpose of a bridge is to provide a link between two networks, so some bridges have just two ports. Like a switch, a bridge examines the destination MAC address of every packet it receives and forwards the packet to the other side of the bridge only if the bridge knows that the destination is on the other side.
Technically speaking, a switch is simply a multiport repeaters bridge. The distinction is mostly a historical one, because bridges were invented and widely used before switches. Before switches became inexpensive, large Ethernet networks used multiple hubs to connect computers and other devices, and a few bridges would be introduced into the network to break up large collision domains. Now that switches are common, you don’t see separate bridging devices much anymore.
However, one function that a bridge can perform can come in handy: A bridge can be used to connect two different types of networks. For example, suppose your main network uses Cat-5e cable, but you also have a smaller network that uses fiber-optic cable. You can use a bridge to link these two types of networks. The bridge would have two ports: One Cat-5e port and one fiber-optic port. When the bridge receives a packet on the Cat-5e port, it forwards it to the fiber-optic port, and vice versa.
All switches can perform this type of bridging to connect Cat-5e devices that operate at different speeds. For example, most computers have network interfaces that operate at 1 gigabit per second (Gbps). But many printers have slower, 100 megabits per second (Mbps) connections. The ports on a switch can automatically detect the speed of the device on the other end of the cable, so you can plug a 1 Gbps computer or a 100 Mbps printer into a switch port. The switch will automatically take care of buffering and forwarding packets received from the 1 Gbps devices to the slower 100 Mbps devices.
Some switches also include ports that allow you to connect the switch to even faster networks that use 10 Gbps copper or fiber-optic cable, as described in the next section.
SFP ports and uplinks
Some switches have special ports called small form-factor pluggable (SFP) ports. You can use an SFP port to connect a variety of different types of high-speed networks, including 10 Gb Ethernet (which uses copper cable) or 8 Gb Fibre Channel, which uses fiber-optic cables. In this way, the SFP ports allow the switch to bridge 100 Mbps or 1 Gbps Cat-5e networks with faster copper or fiber-optic networks.
One of the most common uses of SFP ports is to connect switches to each port at speeds faster than 1 Gbps. The interconnection between two switches is often called an uplink. It makes sense to use high-speed uplinks because the uplink ports are likely to be the busiest ports on the switch. For example, suppose you have a network with 80 computers in which 40 of the computers are connected to one switch (call it Switch A) and the other 40 computers are connected to a second switch (Switch B). If a computer on switch A sends a packet to a computer on Switch B, that packet must travel through the uplink ports to get from Switch A to Switch B. So, you can expect that the uplink ports will carry as much as 40 times the amount of traffic that the other ports carry.
Another common use of SFP is to connect switches to server computers. This also makes sense, because the ports that connect to your servers will carry much more traffic than the ports that connect to workstations. In order to connect a switch to a server using an SFP port, both the switch and the server must have SFP ports. So you’ll need to make sure both your servers and your switches have SFP ports.
Broadcast domains
Earlier in this chapter (in the “Understanding Switches” section), I mention that packets whose destination MAC addresses are all ones (FF-FF-FF-FF-FF-FF) are intended to be received by all devices that see the packet. Such packets are called broadcast packets.
The scope of the devices that broadcast packets are intended for is called the broadcast domain. Ordinarily, a switch forwards broadcast packets to all the ports on the switch except the port on which the broadcast packet was received. Thus, the broadcast domain consists of all the devices connected to the switch, either directly or indirectly through another switch.
In many cases, allowing broadcast packets to travel throughout a large network is not a good idea. If the network is large, broadcast packets may consume a significant amount of the total bandwidth available on the network, slowing down other more important traffic.
You may be surprised to discover just how much broadcast traffic actually happens on a large network. The most common type of broadcast packet is an Address Resolution Protocol (ARP) request. ARP is