CCNA Video: Switching Basics

Hi and welcome to this CertificationKits CCNA training video on switching basics. We are going to be going over what a collision and what a broadcast domain is.  What is a layer 2 broadcast, what are unicast messages,  the mac address table also known as the forwarding table or the bridging table, how the switch makes decisions where to forward a particular packet and how it handles broadcasts and unknown unicast messages.

Let’s first talk about what a collision domain is and what it means when multiple machines share one collision domain. The best way to illustrate that is if this center device is a hub. A hub does not separate collision domains.  So all machines PC1, PC2, PC3 and PC4 are all in the same collision domain. Since all machines are in the same collision domain, let’s take a look at what happens when PC4 sends a message. It leaves a network interface card and there is the hub connected to this interface right here.  What the hub does, it’s simply a multiport repeater, it takes that signal, regenerates it and sends it out all other interfaces. So the problem is, if two machines are sending data at the same time, there would be a collision.  That’s where they get the term collision domain.  So when multiple machines share one collision domain, only one machine can send at a time.  So what happens is machine four would go ahead and listen to make sure no one else is sending and go ahead and send; and that’s called carrier sense CSMA multiple access with the collision detection.  It’s basically listening to the line, making sure the coast is clear and then goes ahead in sending and that’s how an CCNA Ethernet environment operates when you are using what’s called half duplex communication. Half duplex means you can send or receive, but you can’t do both at the same time.

Now if this center device is a switch, you’ve got four ports on the front of the switch.  Each port on the switch is in its own collision domain. There is buffering at the ports. What that means is there are four collision domains on the switch; right here if it’s a four-port switch and each machine is in its own collision domain.  Meaning machine four now, it can go ahead and send.  The switch then takes the traffic,  it puts it in the buffer, it will even go ahead and read the MAC address on it, determine what port we’re going to or needed to go out. Let’s say it needed to get out of port two to PC2 and it sends out the appropriate port. It does not send the traffic out all ports unless, and we’ll talk about this in a moment if the forwarding table is empty or it doesn’t know where the destination MAC address lies.   What’s nice about this is the switch also has the ability to operate in full duplex mode.  So in full duplex communication mode, machine two can send at the same time as machine four and not collide. The traffic will simply bypass each other because what happens is machine two is using different wires inside of this Ethernet cable.  It uses different wires to send and different wires to receive. So in an environment with full duplex communication, all machines are in their own collision domain.  They can go ahead and send and receive at the same time and not worry about collisions.  That CSMA/CD I talked about earlier, the carrier sense multiple access with collision detection.  It is actually disabled when the network interface card is on the machines are operating in full duplex mode. Now let’s talk about a broadcast domain.  As far as determining what our broadcast domain is; this center device can be a hub or a switch. Both hubs and switches with forward broadcast messages and what really defines a broadcast domain is what machines will receive a broadcast message. So now we know that machines one, two and three are in the same broadcast domain as machine four is because when machine four sends a broadcast message out, it will reach everybody.

Now let’s take a look at a CCNA level example of a broadcast messages such as an ARP request. ARP stands for Address Resolution Protocol and this is a type of broadcast message that is used to resolve an IP address to a MAC address.  Now let’s take a look at machine four and let me number these machines real quick. Machine one, machine two, machine three and machine four; and machine four has sent out and ARP request to resolve an IP address to a MAC address. What would happen is if this device were a hub? It would take that one message no matter what type of message it is and sent it out all of the ports so the machine with the appropriate IP address would get this ARP address,  and send back it’s MAC address. If this center device were a switch, it have to know it needed to forward all this information.  What would happen is this ARP request has a destination MAC address of all “F”. 12 F’s all in a row.  Now when the switch sees the destination address of all F’s, what it does is it looks in what’s called a forwarding table. It looks to see if a MAC address of all F’s is associated with any of these other ports here. There will never be a MAC address of all F’s associated with any particular port because no machine is going to have a MAC address of all F’s, at least it shouldn’t. So what will happen is when the switch does not know where the destination MAC address is for all F’s, they’ll say “Hey I don’t know where that is.” To make sure the message gets to the appropriate destination, I will go ahead and send it out all other ports.  So it goes ahead and sends it out all other ports because it doesn’t know where the destination MAC address of all F’s is.  It doesn’t know that it’s a broadcast message.  It just doesn’t know where the heck that machine is.  So it goes ahead, sends it out all ports just to try to get it there. Since machine one, machine two, and machine three all received this ARP request, they are all in the same broadcast domain.  So all ports on a hub or on a switch are all in the same broadcast domain.

If we were talking about collision domains, a switch would separate collision domains, but a switch does not separate broadcast domains.  That is unless we do some advanced CCNA configuration which would be an example of a VLAN.  We will talk about it in another CCNA video here.  A VLAN is a virtual lan and it allows you to create multiple broadcast domains on a switch but standard configuration, it on all ports.  We have four ports on the switch; port one, port two, port three, port four. All ports on the front of the switch are all in the same broadcast demand as well as in a hub environment. Now let’s talk about what a layer two broadcast or layer two unicast message is. When I’m talking about layer two, I’m referring to layer two of the OSI model.  Open System Interconnection and all these is it.  The guidelines that machines follow when packaging information sent from one machine to another. So if machine A wanted to send something to machine B, we would have to package the information appropriately before sending it out on to the cable and physical impulses of electricity, this OSI model has the guidelines that the machines follow when sending information from one to another just like if I want to mail a letter to somebody.  I have this letter here I wrote out a letter by hand.  I didn’t even bother typing it.  I have to put it in an envelope.  I have to address the envelope appropriately. I have to put a stamp on the envelope.  I have to put the destination address in the right spot, the source address in the right spot. If I don’t do things appropriately, then my information will not get to the intended recipient and the OSI model is simply those sets of rules for the machines to follow when packaging information.

Now there are certain protocols or sets of rules that can be used in accordance with this OSI model. The top three layers from a CCNA exam perspective would be considered our application layers and I fixed that “P” right there.  That’s where the application layer and layer four is called our transport letter. That‘s where TCP of the TCP/IP thing takes over.  TCP will take the data from whatever application you’ve got such as FTP program and break it up into smaller chunks.  Each one of those smaller chunks needs to get an IP address on it so the IP address gets put on. Once the IP address is on in an Ethernet environment, the next step is to put the MAC address on. Now switches function at layer two of the OSI model because they read MAC addresses.  So when I’m referring to a layer two broadcast or a layer two unicast message, I’m talking about a broadcast MAC address that’s destined for everyone or a unicast MAC addressed that’s destined for one particular machine.

Let’s take a look at the sending of those different types of messages. Now for each one of these different machines fair, I’ve given them a MAC address. Typically the MAC address is not two hexadecimal characters. What is hexadecimal? It’s zero through nine or A through F, zero through 15 basically. Typically the MAC address is 12 hexadecimal characters, I’m just too lazy to write out 12 hexadecimal characters so I’m using two. The MAC addresses are burned on to the network interface cards at the factory so to effectively change a MAC address without spoofing or anything like that, you would have to go I and actually swap out the network interface card. Now a layer two broadcast  as we just saw what the OSI model layer two addressing as a MAC address, a layer two broadcast massage has all F’s for the destination. Here’s what happens when a machine sense a layer two broadcast message just like I talked about earlier. ARP would be a good example of that. It sends it out and all F’s is the destination address.  That hits the switch and it goes to all other machines, that’s a layered two broadcast message. A layer two unicast message would be when this machine here, machine four, sends a message to a particular MAC address that exist on a network.  Let’s take a look at that.

Back to a clean CCNA slide here.  If machine four wants to send something to machine one, that is machine two, that’s machine three, machine four wants to send something to machine one, specifically has the MAC address. What will happen is in the destination portion of the frame, it’s called a frame at layer two; it puts the destination MAC address of 9A and send it out the switch. The switch would read that destination MAC address of 9A and go “Oh, that’s connected to port one” and go ahead and send it out of interface one.  Machine two and machine three would never see this package. Now let’s take a look at the MAC address table also known as the forwarding table that the switch keeps.  Let’s say we just turned on the switch.  We’ve got ports one, port two, port three and port four on the switch and each port has a machine plugged into it. Each machine has a different MAC address.  There should never be conflicting MAC addresses on the networks. I have heard of it, but I haven’t run into it myself.  But most of the time it’s safe to say that all of your machines plugged into the network will have different MAC addresses.  

So what happens is the forwarding table starts off empty as the computers begin to communicate. Let’s say computer A sends something to computer D.  So I’m putting computer A here, computer D down there, sends something to computer D. At layer two of that OSI model, the source MAC address would be 9A and the destination MAC address would be 6E.  It packages it up and sends it out. Now a switch is a layer two device meaning it will read this layer 2 information and so it will actually look at the source and destination MAC address.  What it does is the forwarding table is empty, but it needs to populate it. It looks at this source MAC address and goes “Oh, 9A” the packet came in through interface one and it has a source MAC address of 9A so obviously if I want to send something with the computer with the MAC address of 9A I would have to go out of interface one.  It looks at the destination MAC address of 6E and checks the forwarding table for 6E, it don’t see it in there. So to make sure that it gets there, it goes ahead and floods, it’s called flooding, it floods that frame out to all other ports to make sure the appropriate machine receives it. Both computer B and computer C will receive that packet but since the MAC address is not theirs, they will not open the packet.  Only computer D will go ahead and open that packet. Eventually the forwarding table will be full so when any computer sends to another computer in this environment.  Let’s say computer B sends to computer C, it will go directly there. Computer B sends something out, it will only go directly to computer C because the forwarding table is populated. It only floods packages or frames that it does not recognize the MAC address. Again the example of the broadcast; let’s say computer D sends out a broadcast message.  The destination address for a broadcast is all Fs. Again it goes into port four here, the switch will read the layer two address all F’s and goes “Hey I don’t see all F’s in here” so let me go ahead and flood it out all other interfaces to make sure it gets there.  That’s how the forwarding table gets populated and that’s also how the switch makes its forwarding decision.  

Let’s take a look at a little bit more complicated CCNA level environment.  In more complicated environments, we will have multiple switches connected together and we’ve got switch A and switch B over here.  Here is the forwarding table for switch A.  Here is the forwarding table for switch B.  Port one, port two and port three represented in forwarding table for switch A.  So what would happen is eventually after communication took place which A would know on port one you got C4, port two you’ve got 9B.  Now the tricky part is this uplink part right here. Port three connects over to switch B.  It’s an uplink and what would happen is eventually it would have multiple MAC addresses listed under port three so it would have B3 and E7 there. B, port one is its uplink port so it would have MAC addresses of C4 and 9D once the forwarding table is completely populated. There is no limit to the number of entries that can show up under an uplink port and the more realistic question would be how large do you want your actual broadcast domain to be?  Because the larger to broadcast domain, the more traffic that’s going to be running on it. So in this situation, let’s say computer with a MAC address of C4 right here wants to send something to computer with the MAC address of E7.  At layer two it will go ahead and package up its data. Source MAC address at C4, destination E7 and go ahead and send it out. At the switch, it goes in interface 1.  The switch looks at it and goes “Oh!” C4, you are still associated with port one that’s right.  E7, let me check my forwarding table. Oh that’s going to go out of interface three, it then goes ahead and sends it out its interface one on this switch.  It then looks at the source C4, okay that’s still associated with port one, that’s fine, destination MAC address is C7, let me check my forwarding table right here. I got to go out in port three, goes ahead, sends it out, port three. All the other systems will not see that. Now again if this were a broadcast message originating from computer C4 right here, the destination MAC address would be all F’s. 

Let’s watch what happens when you send that out. It sends out the all F’s.  It hits the interface, and I don’t see that in my forwarding table.  I better flood it.  Flood it out here, flood it out there, it hits port one, all F’s, I don’t see that in my forwarding table. I better flood that out, port two, port three so that broadcast or an unknown unicast message would get forwarded to everybody. So we’ve talked about what a collision and what a broadcast domain is.

We’ve talked about a layer two broadcast and layer two unicast message and what layer two actually refers too. We talked about the MAC address table also known as a forwarding table, the bridging table, and you could even make your own names up for it and the forwarding decision and how that’s made and what happens when a broadcast or an unknown unicast message is passed through the switch. I hope you have enjoyed this CertificationKits CCNA training video on switching basics.