1 00:00:00,000 --> 00:00:00,590 2 00:00:00,590 --> 00:00:03,830 It is a challenge to configure, troubleshoot, or manage 3 00:00:03,830 --> 00:00:06,100 a device if we're not sure how it works. 4 00:00:06,100 --> 00:00:07,610 So in this Nugget, I'd like to share 5 00:00:07,610 --> 00:00:12,040 with you the basics of how a Layer 2 switch operates. 6 00:00:12,040 --> 00:00:13,945 So let's begin by introducing this topology, 7 00:00:13,945 --> 00:00:16,170 and we're pretty proud of it. 8 00:00:16,170 --> 00:00:17,030 We have three PCs-- 9 00:00:17,030 --> 00:00:18,710 PC-1, 2, and 3-- 10 00:00:18,710 --> 00:00:21,290 and each of them are connected physically 11 00:00:21,290 --> 00:00:24,050 with a little patch cable that goes from their network 12 00:00:24,050 --> 00:00:28,410 interface card at their PC down to the port on this switch. 13 00:00:28,410 --> 00:00:31,760 So PC-1 is physically connected to port 1/1, 14 00:00:31,760 --> 00:00:35,660 PC-2 is physically connected to port 1/2, and PC-3-- 15 00:00:35,660 --> 00:00:38,930 da-da-da-da-- connected to port 1/3. 16 00:00:38,930 --> 00:00:42,350 Also, for this topology, I have assigned each of the PCs 17 00:00:42,350 --> 00:00:45,650 a network layer address, and that's these top numbers. 18 00:00:45,650 --> 00:00:50,600 PC-1 can be reached at 10.0.0.11, PC-2 at 10.0.0.22, 19 00:00:50,600 --> 00:00:53,080 and PC-3 at 10.0.0.33. 20 00:00:53,080 --> 00:00:56,300 I've also included the Layer 2 MAC address, or at least 21 00:00:56,300 --> 00:00:58,470 a portion of it, for each of the computers. 22 00:00:58,470 --> 00:01:00,470 Because it is 12 digits long, I thought 23 00:01:00,470 --> 00:01:03,920 I'd just go ahead and put an x.x for the first eight characters, 24 00:01:03,920 --> 00:01:06,800 and then write out the last four digits, which I've done here. 25 00:01:06,800 --> 00:01:09,410 So PC-1's MAC address, its Layer 2 address, 26 00:01:09,410 --> 00:01:15,900 ends in 6800, PC-2 ends and 6801, and PC-3 ends in 6802. 27 00:01:15,900 --> 00:01:17,420 So now that we've been introduced 28 00:01:17,420 --> 00:01:20,597 to the topology in this three-node network, 29 00:01:20,597 --> 00:01:22,430 let's talk about what this switch right here 30 00:01:22,430 --> 00:01:23,240 does for a living. 31 00:01:23,240 --> 00:01:24,590 So we plug that in. 32 00:01:24,590 --> 00:01:25,780 It's powered on. 33 00:01:25,780 --> 00:01:27,530 And one of the first things this switch is 34 00:01:27,530 --> 00:01:30,890 going to do and continue to do is to listen to the frames 35 00:01:30,890 --> 00:01:33,069 as they come in and learn. 36 00:01:33,069 --> 00:01:34,610 And the question might be, well, what 37 00:01:34,610 --> 00:01:36,420 exactly is it going to learn? 38 00:01:36,420 --> 00:01:38,720 Well, it's going to learn the MAC addresses 39 00:01:38,720 --> 00:01:42,230 on the PCs or other devices that are connected to its ports. 40 00:01:42,230 --> 00:01:44,150 And the way it does that, it pays attention 41 00:01:44,150 --> 00:01:46,510 to the source MAC address. 42 00:01:46,510 --> 00:01:48,510 And let's use PC-1 as an example. 43 00:01:48,510 --> 00:01:50,420 Let's imagine that PC-1 is sending 44 00:01:50,420 --> 00:01:53,300 a frame of data, bit by bit, into the network 45 00:01:53,300 --> 00:01:55,680 through this port on the switch. 46 00:01:55,680 --> 00:01:58,430 And it just so happens I had conveniently available a packet 47 00:01:58,430 --> 00:02:01,940 capture showing the Layer 2 information that PC-1 48 00:02:01,940 --> 00:02:05,360 would be using if it was communicating with PC-2. 49 00:02:05,360 --> 00:02:07,760 And just to give a clear picture of what's happening, 50 00:02:07,760 --> 00:02:09,860 PC-1 is doing a ping here. 51 00:02:09,860 --> 00:02:13,460 It's sourcing it from its IP address of 10.0.0.11, 52 00:02:13,460 --> 00:02:17,640 and it's pinging over to 10.0.0.22, right here. 53 00:02:17,640 --> 00:02:20,210 Now, that's the Layer 3 information, but at Layer 2, 54 00:02:20,210 --> 00:02:23,600 that corresponds to the source Layer 2 address of the MAC 55 00:02:23,600 --> 00:02:27,200 address ending in 6800-- this guy right here-- 56 00:02:27,200 --> 00:02:30,650 going to the destination MAC address of 6801, 57 00:02:30,650 --> 00:02:32,070 which is this guy right here. 58 00:02:32,070 --> 00:02:35,090 So as PC-1 sends his frame into the switch, 59 00:02:35,090 --> 00:02:36,860 from a learning perspective, the switch 60 00:02:36,860 --> 00:02:41,720 is looking at the source MAC address on the incoming frames, 61 00:02:41,720 --> 00:02:43,580 because the switch is curious and wants 62 00:02:43,580 --> 00:02:46,430 to know where all the MAC addresses live. 63 00:02:46,430 --> 00:02:48,860 So in short, when PC-1 sends a frame into the network 64 00:02:48,860 --> 00:02:50,949 and includes its source MAC address, 65 00:02:50,949 --> 00:02:52,490 the switch is going to build a table. 66 00:02:52,490 --> 00:02:56,840 It's going to say, OK, MAC address x.x.6800, 67 00:02:56,840 --> 00:03:00,830 that MAC address, because I saw it come in on port 1/1, 68 00:03:00,830 --> 00:03:03,110 is associated with port 1/1. 69 00:03:03,110 --> 00:03:05,540 So once these devices have all sent at least one frame 70 00:03:05,540 --> 00:03:08,147 into the network, which includes their source MAC address, 71 00:03:08,147 --> 00:03:09,980 the switch is going to have learned and then 72 00:03:09,980 --> 00:03:12,440 put into a table all their MAC addresses 73 00:03:12,440 --> 00:03:14,130 and where they can be reached. 74 00:03:14,130 --> 00:03:15,530 So we're getting PC-2. 75 00:03:15,530 --> 00:03:21,380 The MAC address is x.x.6801, and it's associated with port 1/2. 76 00:03:21,380 --> 00:03:22,800 And for PC-3, it's the MAC address 77 00:03:22,800 --> 00:03:26,000 that ends in 6802 on port 1/3. 78 00:03:26,000 --> 00:03:27,820 So the major concept is that the switch 79 00:03:27,820 --> 00:03:30,440 is listening and learning regarding the source 80 00:03:30,440 --> 00:03:33,650 MAC addresses for all the frames that enter its ports. 81 00:03:33,650 --> 00:03:35,510 And then, secondly, it's building a table 82 00:03:35,510 --> 00:03:37,940 so if it ever needs to forward a frame to any 83 00:03:37,940 --> 00:03:40,790 of those MAC addresses, it knows exactly which port it 84 00:03:40,790 --> 00:03:43,280 should send the frame out to reach that destination MAC 85 00:03:43,280 --> 00:03:44,090 address. 86 00:03:44,090 --> 00:03:46,490 And one of the beautiful things about a Layer 2 switch 87 00:03:46,490 --> 00:03:48,320 is that it can do intelligent forwarding. 88 00:03:48,320 --> 00:03:49,010 Case in point. 89 00:03:49,010 --> 00:03:51,890 If PC-2 is going to send a frame to PC-3, 90 00:03:51,890 --> 00:03:54,860 it can craft that frame with PC-3's Layer 2 destination 91 00:03:54,860 --> 00:03:55,550 address. 92 00:03:55,550 --> 00:03:57,300 And when that frame goes into the switch, the switch says, 93 00:03:57,300 --> 00:03:58,910 hmm, I know where that MAC address 94 00:03:58,910 --> 00:04:00,440 lives that ends in 6802. 95 00:04:00,440 --> 00:04:02,560 It's off of port 1/3. 96 00:04:02,560 --> 00:04:05,630 And it can forward that directly to that port 97 00:04:05,630 --> 00:04:08,360 and forward it to PC-3, and that traffic never 98 00:04:08,360 --> 00:04:10,290 even had to bother PC-2 at all. 99 00:04:10,290 --> 00:04:13,095 It wasn't for PC-2, PC-2 didn't care about it, 100 00:04:13,095 --> 00:04:14,720 and we're not interrupting anybody else 101 00:04:14,720 --> 00:04:17,660 except for PC-3, who's going to receive that frame. 102 00:04:17,660 --> 00:04:19,490 And if this switch is just powered on 103 00:04:19,490 --> 00:04:21,700 and hasn't learned where everybody lives yet 104 00:04:21,700 --> 00:04:23,090 and it receives the frame-- 105 00:04:23,090 --> 00:04:26,500 let's imagine that PC-1 sends a frame into the network-- 106 00:04:26,500 --> 00:04:28,520 the switch looks at the destination address, 107 00:04:28,520 --> 00:04:31,070 and the switch looks at this table it's built and says, 108 00:04:31,070 --> 00:04:33,270 oh, I don't know where that destination lives. 109 00:04:33,270 --> 00:04:35,404 The switch is going to err on the side of caution, 110 00:04:35,404 --> 00:04:37,070 and it's going to forward that frame out 111 00:04:37,070 --> 00:04:39,710 to every other port where there's a device connected 112 00:04:39,710 --> 00:04:41,840 with the hope that whoever that frame was for 113 00:04:41,840 --> 00:04:43,560 would have a chance to take a look at it. 114 00:04:43,560 --> 00:04:44,810 And what the switch is not going to do, 115 00:04:44,810 --> 00:04:46,920 it's not going to bother forwarding the frame 116 00:04:46,920 --> 00:04:48,470 out the same port that it came in 117 00:04:48,470 --> 00:04:50,150 on because that would be silly. 118 00:04:50,150 --> 00:04:53,820 If PC-1 is sending a frame, PC-1 already knows about that frame. 119 00:04:53,820 --> 00:04:55,460 So a frame coming into the switch 120 00:04:55,460 --> 00:04:57,835 where the switch does not know where that destination MAC 121 00:04:57,835 --> 00:05:00,710 address lives is forwarded to all other ports. 122 00:05:00,710 --> 00:05:02,780 And that same kind of activity happens 123 00:05:02,780 --> 00:05:05,880 if a device sends a broadcast into the network. 124 00:05:05,880 --> 00:05:09,740 Let's imagine that PC-3 sends a broadcast frame 125 00:05:09,740 --> 00:05:10,790 into the switch. 126 00:05:10,790 --> 00:05:14,900 A broadcast is also going to be forwarded out all other ports 127 00:05:14,900 --> 00:05:16,440 because it's a broadcast. 128 00:05:16,440 --> 00:05:17,690 Somebody might need to see it. 129 00:05:17,690 --> 00:05:20,420 So the processing of an unknown destination address 130 00:05:20,420 --> 00:05:23,930 and a broadcast are handled the same on the Layer 2 switch. 131 00:05:23,930 --> 00:05:26,480 They're sent out every other port except for the port 132 00:05:26,480 --> 00:05:28,184 that that frame came in on. 133 00:05:28,184 --> 00:05:29,600 In this Nugget, we've taken a look 134 00:05:29,600 --> 00:05:32,360 at the basic operations of a Layer 2 switch. 135 00:05:32,360 --> 00:05:34,670 I hope this has been informative for you, 136 00:05:34,670 --> 00:05:38,110 and I'd like to thank you for viewing.