CCNA Study Guide

This tutorial explains basic concepts of switching including how a switch learn MAC address, type of switching and method of switching in detail with examples.

Switching is an approach of delivering frames across the network. Switching method decides how a switch receives, processes, and forwards the frames. Switch may supports three switching methods store-forward, cut-through and fragment-free. In this article we will understand these methods in details with switching concept used by various layer two devices.

Switching concept may confuse sometime, as a lot of terms are associated with switching such as packet switching, circuit switching. These are the WAN implementation of layer 2 LAN technology. To make this process easier to understand we will start from LAN and gradually extend it to WAN.

Switching Concepts in Computer Network

Hub and repeater works at Layer 1 ( Physical layer ). These devices only understand the signals. Signals received on incoming port are forwarded from all available ports.

Bridge and switch work at layer 2 ( Data Link Layer). Bridge and switch both are capable to read frames. Switching is a method of dealing with frames. Switching is described in Layer 2 of OSI model. Switch is the upgraded version of bridge. Bridge was the earlier implementation that has been replaced by the switch.

Switching concept was developed to solve two major issues of Ethernet; bandwidth and collision.


Bandwidth is the data (in data unit such as Kb, Mb, Gb etc) transferred through the media in particular time unit (such as second, minute, hour). It uses a measurement of bits per second or multiples of it to measure the consumed or available data.

Bandwidth is the critical resource for network. Bandwidth is limited by media type and technology. In WAN, bandwidth is the costly resource. To save bandwidth different switching approach are used such as packet switch, circuit switch and frame really. We will cover these approaches later in this article.


In LAN network multiple devices can share the same segment that create the collision. Collision is the effect of two devices sending transmissions simultaneously in Ethernet. When they meet on the physical media, the frames from each device collide and damaged.

Collision domain

Group of devices that share same collision effects over the Ethernet network.


It is mechanism of removing collision from network. When two or more nodes simultaneously sense the wire and found no frame, and each device places its frame on the wire. These frame would be collide in wire and a collision will occur. NIC (Network Interface Card) actually examine wire before placing any frame on it, this collision detection method is known as CSMA/CD.

collision detection

If the NICs see a collision for their transmitted frames, they have to resend the frames. In this situation, each NIC that was transmitting a frame when a collision occurred creates a special signal, called a jam signal, on the wire, waits a small random time period, and examine the wire again. If no frame is currently on the wire, NIC will retransmit its original frame again.

The more devices you place on a segment, the more likely you are to experience collisions. More devices means more random time interval, creating even more collisions, greatly slowing down a device’s access when trying to transmit data.


Switches are data link layer devices that switch frames between different layer 2 cables or segments. Each port connected to switch has a separate collision domain.

When a frame entered into a port of switch, switch checks FCS ( Frame checksum sequence) field of frame and process it only if it is valid. All invalided frames are automatically dropped. All valid frames are processed and forwarded to their destination MAC address.

Switch makes their switching decisions in hardware by using application specific integrated circuits (ASICs). Unlike generic processor such as we have in our PC, ASICs are specialized processors built only to perform very few particular tasks. In cisco switch ASICs has single task, switch frames blazingly fast. For example an entry level catalyst 2960 switch has frame rate of 2.7 million frames per second. Higher end switches have more higher FPS rate such as Catalyst 6500 has a rate of 400 million FPS rate.

Basically switch perform three main tasks

  1. Learn where the devices are located and store their location in MAC table.
  2. Forward frame intelligently based on MAC address of frame
  3. Removing layer 2 loops.

Learning Address function of switch

  • Switch stores MAC address in MAC address table.
  • MAC table is also known as port or CAM address table.
  • When a frame enters into the port, switch examines the source MAC address and compares it with its CAM (Content Addressable Memory) table.
  • If switch doesn’t see a corresponding entry in the CAM table, it will add the source MAC address to the table, including the source port identifier.
  • If switch found address in CAM table, then it compare associated entries and update them.
  • Whenever the switch updates an entry in the CAM table, the switch also resets the timer for the specific entry.
  • Switch uses timer to remove older information automatically. Switches may have different default timer.
  • MAC address table can be built statically or dynamically.
  • All dynamic entries are automatically flushed when you turn off the switch.
  • When you power on a switch it has an empty CAM table or static entries in it ( if you have configured any ).
  • All identified frames are forwarded only from specific ports that have corresponding addresses.
  • All unidentified frames ( frames those MAC address are not available in CAM table ) are flooded from all ports.
  • Three types of frames; Unknown Unicast address frame ( Unidentified frame), broadcast frame and multicast frame are always flood out from all possible ports except to the port on which the frame came in.

How cisco switch learn MAC address

Switch can build CAM table either statically or dynamically. Static method is used with critical resources for security purpose. In static method we have to update CAM table manually. With regular devices dynamic method is sufficient. In dynamic method switch can automatically build CAM table by incoming frames. In following example, four PCs are connected via switch. When we power on the switch, it has a blank MAC Address table

mac address table

PC0 sends a frame to PC2. Switch received this frame on Ethernet0/1. Switch takes three steps here Learn, Decision and Forward.

In first step Switch updates MAC Address Table with source address and learning interface. It looks in MAC Address Table for entry of source address. MAC Address Table is currently empty so obviously it would not find an entry for it. In will make a new entry for this address.

In second step it will make forward decision based on destination address. This frame has a single destination PC2. Single destination frame is known as Unicast. Switch has no entry for this destination address in MAC Address Table, so it would treat it as unknown Unicast. Switch floods unknown Unicast from all possible ports.

In third step Switch takes action based on the decision made in second step. This frame would be flood from all possible ports except from the incoming port.

Now MAC Address Table look like as following

mac address table

This frame would be received by PC1,PC2 and PC3. PC1 and PC3 will drop this frame as it is not intended for them. Only PC2 will process this frame, as frame has its address in destination address field. Our first frame has reached on its destination.

PC2 sends a frame back to PC0 in respond of receiving frame.

Switch received this frame on Ethernet0/3. Now we know that Switch takes three steps when it receives a frame on its interface.

In learning process, Switch checks MAC Address Table for entry of source address. It is the first frame from PC2. Switch has no entry for this source address so it would update MAC Address Table with the MAC address of PC2.

In decision making process, Switch compares destination address with MAC Address Table. This frame has destination address 0000.0000.0000. Switch has entry for this address. By looking at MAC Address Table Switch can easily figure out that its Ethernet0/1 port has the destination address.

In forward process, Switch will only forward this frame from its Ethernet0/1 port.

mac address table

Switch repeats these steps every time whenever it receives a frame. You can view MAC Address Table entries from show mac-address-table command.

show mac-address-table command

Methods of Switching

Cisco Switches support three methods of switching.

  1. Store and Forward
  2. Cut and Through
  3. Fragment Free

Store and Forward

This is a basic mode of switching. In this mode Switch buffers entire frame into the memory and run FCS (Frame Check Sequence) to ensure that frame is valid and not corrupted. A frame less than 64bytes and higher than 1518bytes is invalid. Only valid frames are processed and all invalid frames are automatically dropped. Among these three methods, this method has highest latency. Latency is the time taken by device in passing frame from it.

Cut and Through

Cut and Through method has lowest latency. In this method Switch only read first six bytes from frame after the preamble. These six bytes are the destination address of frame. This is the fastest method of switching. This method also process invalid frames. Only advantage of this method is speed.

Fragment Free

This is a hybrid version of Store and Forward method and Cut and Through method. It takes goodies from both methods and makes a perfect method for switching. It checks first 64 bytes of frame for error. It processes only those frames that have first 64bytes valid. Any frame less than 64 bytes is known as runt. Runt is an invalid frame type. This method filters runt while maintaining the speed.

Removing Layer 2 loops

To insure redundancy network engineers usually create backup routes for critical resources. This creates network loops. Switch uses STP ( Spanning Tree Protocol) to remove loops.

Main functions of STP are to prevent loops and automatically activate backup link in case of failure of main link. STP automatically finds the backup [duplicate ] links and disable them, leaving a single active path between any two nodes. Whenever a main link goes down STP enables the backup route.

STP is explained with example in following article.

Type of Switching

In the starting of this article we have divided switching concept in two terms LAN and WAN. So far we have explained switching in LAN terms, now in remaining article would focus on WAN terms.

WAN supports a number of switching types, among those following are the most popular and covered in CCNA Exam objectives.

type of switching

Dedicate Line

This is usually known as leased line or point to point connection. In this type of connection, lines remain always open. You have to pay for all times whether you transmit data or not. HDLC and PPP encapsulations are used for this type of connection. This is the most expensive method of data transmission. It uses synchronous serial lines.

Circuit Switching

It uses asynchronous serial lines. You only need to pay when actual data transmits. It works like a telephone call where you only need to pay for call duration. In circuit switch, we need to established connection every times whenever we have data to transmit. Circuit switching uses dial-up modems or ISDN. It is suitable for low-bandwidth data transfers.

Packet Switching

In this method you share bandwidth with other companies. This is cost effective simulation of lease line. It is suitable for bursty type data transmission. VPN and frame really are two popular implementations of this method.


VPN (Virtual Private Network) is an extended private network over the public network such as internet. VPN enables us to transmit data across the shared public networks. We need to implement data encryption and security polices to ensure data integrity. Major implementations of VPN include OpenVPN and IPsec.

Frame Relay

Frame Relay is the cost effective switching method. Frame relay breaks data in variable size units, known as frames. It does not implement any error correction solution in carrier. In this technology any necessary error correction methods need to be setup on end devices. This speeds up over all data transmission.

Share this Share This Article with Friends

Stay updateStay Update With US

More Articles For YouYou May Also Like