Ethernet switch and MAC-based forwarding

An Ethernet switch has dedicated ports to which hosts are connected using physical cables. A frame received on a port is not sent to all other hosts, but forwarded only to the host for which it is destined. The switch uses the MAC table to identify the port on which the frame should be forwarded. If the switch does not have the destination MAC address in its MAC table, the switch will send the frame on all ports, resulting in a broadcast. This broadcast also happens if the Ethernet frame is destined for a broadcast MAC address. We will discuss this special case in the discussion of Address Resolution Protocol (ARP).

Hence, Ethernet switches simulate the shared medium, but drastically reduce collisions as the frames from one host are not sent to all other hosts on the network. This allows multiple hosts to transmit at the same time, thereby improving the throughput of the LAN. The throughput also increases because of the use of full-duplex mode of operation, where the transceiver can transmit and receive at the same time.

An Ethernet switch works on the basis of a MAC table that it creates while forwarding traffic. When the switch is powered on, it has an empty MAC table. As the hosts start to send data, the switch keeps populating the MAC table based on the source MAC addresses received on the ports.

The MAC addresses are stored in the MAC table for a set time called the MAC ageing time, after which the address is flushed out to conserve device resources. The ageing timer is reset every time the switch sees the MAC address, so the MAC entry is flushed only if the MAC is not active for a duration that exceeds the MAC ageing timer. This timer is set to 300s by default, but can be changed using the IOS command "mac address-table aging-time seconds". A very simple representation of a MAC table is shown next:

Figure 2: MAC table

When the switch receives a frame, it reads the source MAC address and populates its MAC table with the port on which the frame was received. The switch then looks up the MAC table to see if a mapping between the destination MAC address and a particular port exists. If yes, the switch sends the frame only to that port. If there is no such mapping present, the switch broadcasts this frame on all ports other than the one on which it was initially received, thereby simulating the shared medium. The destination host, if connected, receives the frame. When the destination host sends a frame back, the switch learns the physical port on which that host is connected from the source MAC address of the reply.
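
The learning, forwarding and ageing behaviour described above can be modelled in a few lines of Python. This is an added example, not code from the original text or from any switch vendor; the LearningSwitch class, its method names and the sample MAC addresses are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Toy model of MAC learning, flooding and ageing (not vendor code)."""

    def __init__(self, ports, aging_time=300):
        self.ports = set(ports)
        self.aging_time = aging_time      # seconds; 300 is the default named above
        self.table = {}                   # MAC -> (port, time last seen)

    def _expire(self, now):
        # Flush entries whose MAC has been silent longer than the ageing time.
        stale = [m for m, (_, seen) in self.table.items()
                 if now - seen > self.aging_time]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Return the sorted list of ports the frame is sent out of."""
        self._expire(now)
        # Learn (or refresh) the source MAC; this also resets its ageing timer.
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # Broadcast or unknown destination: all ports except the ingress one.
            return sorted(self.ports - {in_port})
        out_port = entry[0]
        # A frame whose destination lives on the ingress port is not sent back.
        return [] if out_port == in_port else [out_port]


def demo():
    # Constructed sample: hosts A, B, C on ports 1, 2, 3 of a 4-port switch.
    a, b, c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    return [
        sw.receive(1, a, b, now=0),          # B unknown: flooded
        sw.receive(2, b, a, now=1),          # A already learned: port 1 only
        sw.receive(1, a, b, now=2),          # B now learned: port 2 only
        sw.receive(3, c, BROADCAST, now=3),  # broadcast address: flooded
        sw.receive(3, c, b, now=200),        # B idle 199 s: entry still valid
        sw.receive(3, c, b, now=400),        # B idle 399 s: flushed, flooded
    ]


if __name__ == "__main__":
    for out in demo():
        print(out)
```

The last two calls show the ageing timer at work: the entry for host B survives 199 seconds of silence but is gone after 399, so the same frame that was forwarded to one port is flooded again.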

Broadcasts are bad for a switch as they interrupt all hosts on the LAN segment and need to be minimized. However, they cannot be eliminated altogether as the switch needs to use broadcast when sending frames to unknown MAC addresses. ARP, which we will discuss later, is another example where the frames have to be broadcast to all hosts on the Ethernet segment.

To minimize broadcasts on a network, network engineers generally limit the number of hosts on an Ethernet segment and create different Ethernet segments. Each segment is a different layer 3 domain, and we need a device with layer 3 functionality to send packets between the hosts in different segments.