What is a Switch?
The switch was introduced in 1990 by a company named Kalpana (later acquired by Cisco). It connects a group of devices into a local area network (LAN). A switch understands frames, which encapsulate the bit data together with address information. A switch receives and forwards data within a particular network only.
How does a Switch work?
A switch creates a local area network. This network has multiple end devices, and each of these end devices has a hard-coded MAC address. The switch copies these MAC addresses into its MAC address table. When a packet arrives, the switch looks up the destination address in the MAC address table and forwards the packet out of the matching port. It works like a post office.
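The learning and forwarding steps described above, as an added example that is not part of the original article: a constructed Python model of a switch's MAC address table. The port names, MAC addresses and the table capacity are assumptions for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Constructed model of a switch's MAC address table (added example)."""

    def __init__(self, ports, capacity=1024):
        self.ports = list(ports)
        self.capacity = capacity   # real MAC (CAM) tables have a finite size
        self.mac_table = {}        # MAC address -> port on which it was last seen

    def receive(self, in_port, src_mac, dst_mac):
        """Learn src_mac on in_port, then return the list of egress ports."""
        # Learning: the source address tells the switch which port a host sits on.
        # A full table cannot learn new hosts, so frames to them keep being flooded
        # (which is why managed switches limit learned addresses per port).
        if src_mac in self.mac_table or len(self.mac_table) < self.capacity:
            self.mac_table[src_mac] = in_port
        # Forwarding: broadcast and unknown unicast go to every other port.
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst_mac]
        # Destination lives on the port the frame arrived on: nothing to forward.
        return [] if out_port == in_port else [out_port]
```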
As the number of ports and the data density increase, better flow management is required. A smart or fully managed switch ensures a smooth flow of data with the fewest errors.
Types of Switch
Various types of switch are available in the market: unmanaged Fast Ethernet/Gigabit Ethernet switches, PoE switches, smart managed or managed switches, and fully managed switches.
A comparison of these switches is given below :-
What is QoS in a Switch?
QoS stands for Quality of Service, also called Class of Service (CoS). A switch with QoS prioritizes data by its type. For example, video demands a large volume of packet data, so QoS gives video packets priority over other packets, which ensures smooth streaming. QoS does this by checking the packet header to see whether it carries video, audio, mail or other data and assigning priority accordingly. QoS is a must these days.
QoS operates in three modes as follows :-
- Best Effort : All packets are given the same priority. This is no QoS – QoS is not running or is in disabled mode.
- Integrated Service : Reserves bandwidth for a specific path in the network, so particular end users are given a reserved higher (or smaller) bandwidth than others.
- Differentiated Service Code Point : Routers and switches are configured to set priority for a part of the network or for a service. For example, a network can give a service such as video, audio or voice higher priority than data. A network path can also be given priority over other paths.
Weighted Round Robin (WRR) : The number of packets sent from a queue is directly proportional to the weight of the queue. The higher the weight of the queue, the more quota it uses. Once a queue's quota is used up, the next queue is served.
Strict Priority : This sets a priority on each queue coming from a service or network path. Until the priority-1 queue has been fully served, no other queue is served.
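To show how the two schedulers differ, here is an added example (not from the original article) in Python: it classifies packets into three queues by an assumed DSCP-to-queue policy and then drains those queues with strict priority and with WRR weights 3:2:1. The queue names, weights and packet names are constructed.

```python
from collections import deque


def classify(dscp):
    """Map a DSCP code point to a queue (constructed three-queue policy)."""
    if dscp == 46:            # EF: voice
        return "voice"
    if 34 <= dscp <= 38:      # AF4x: video
        return "video"
    return "data"             # everything else is best effort


def make_queues(n=6):
    """Constructed input: each queue holds n packets named voice0, voice1, ..."""
    return {q: deque(f"{q}{i}" for i in range(n)) for q in ("voice", "video", "data")}


def strict_priority(queues, order, slots):
    """Always serve the highest-priority queue that has a packet.
    While the top queue never empties, the lower queues are starved."""
    sent = []
    for _ in range(slots):
        for name in order:
            if queues[name]:
                sent.append(queues[name].popleft())
                break
    return sent


def weighted_round_robin(queues, weights, slots):
    """Each round, a queue may send up to `weight` packets before the next is served,
    so every queue gets a share proportional to its weight."""
    sent = []
    while len(sent) < slots and any(queues.values()):
        for name, weight in weights.items():
            for _ in range(weight):
                if queues[name] and len(sent) < slots:
                    sent.append(queues[name].popleft())
    return sent
```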
What is IGMP Snooping or MLD Snooping?
IGMP (Internet Group Management Protocol) snooping is the process of blocking unnecessary large packets in a multicast network. Normally a switch gives priority to high-volume packets, so an attacking end user can send a large amount of data that may choke the network. IGMP snooping tracks and takes down denial-of-service attacks over the network. It does this by restricting multicast data to only the participating users. Example: video streaming over a LAN. A group of users can participate in streaming video over, say, VLC player. IGMP snooping prevents this data flowing to other, non-participating users and thus prevents choking of the network.
IGMP snooping works over an IPv4 network. Multicast Listener Discovery (MLD) snooping works in a very similar manner over an IPv6 network.
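An added example (not part of the article) modelling IGMP and MLD snooping together: the switch builds a group membership table from reports, leaves and queries, then forwards multicast only to member ports and router-facing ports, while a switch without snooping floods. Port names and group addresses are constructed.

```python
class SnoopingSwitch:
    """Constructed model of IGMP (IPv4) / MLD (IPv6) snooping (added example)."""

    def __init__(self, ports, snooping=True):
        self.ports = list(ports)
        self.snooping = snooping
        self.members = {}          # group address -> set of ports that joined it
        self.router_ports = set()  # ports on which membership queries were seen

    def on_query(self, port):
        # Queries come from the multicast router; that port must receive all groups.
        self.router_ports.add(port)

    def on_report(self, port, group):
        # IGMP Membership Report (IPv4) or MLD Listener Report (IPv6): port joins.
        self.members.setdefault(group, set()).add(port)

    def on_leave(self, port, group):
        # IGMP Leave Group (IPv4) or MLD Listener Done (IPv6): port leaves.
        ports = self.members.get(group, set())
        ports.discard(port)
        if not ports:
            self.members.pop(group, None)

    def forward(self, in_port, group):
        """Return the sorted egress ports for a multicast frame addressed to `group`."""
        if not self.snooping:
            # Without snooping multicast is handled like broadcast: every port gets it.
            return sorted(p for p in self.ports if p != in_port)
        # With snooping only subscribed ports and router-facing ports get the stream
        # (vendors differ on whether groups nobody joined are flooded; here they are not).
        targets = self.members.get(group, set()) | self.router_ports
        return sorted(p for p in targets if p != in_port)
```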
Storm control is the process of controlling data congestion. When packets are broadcast to every node, each node sends an acknowledgement (ACK) message, so the switch is suddenly flooded with both forward and return packets. When these packets exceed the bandwidth, the switch can decide to drop the ACK packets (return packets) or the forward packets to free up bandwidth and restore flow.
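As an added example (not from the article), a Python sketch of per-port storm control: broadcast frames above an assumed per-second threshold are dropped and counted so that the event is visible to monitoring. Port names, timestamps and the threshold are constructed.

```python
from collections import deque


class StormControl:
    """Constructed model of per-port broadcast storm control (added example)."""

    def __init__(self, threshold, window=1.0):
        self.threshold = threshold   # max broadcast frames per window per port
        self.window = window         # window length in seconds
        self.seen = {}               # port -> deque of recent broadcast arrival times
        self.suppressed = {}         # port -> number of dropped frames (for monitoring)

    def admit(self, port, now, is_broadcast):
        """Return True to forward the frame, False to drop it."""
        if not is_broadcast:
            return True              # only flood traffic is rate-limited
        arrivals = self.seen.setdefault(port, deque())
        # Slide the window: forget arrivals older than `window` seconds.
        while arrivals and now - arrivals[0] >= self.window:
            arrivals.popleft()
        if len(arrivals) >= self.threshold:
            # Above the threshold: drop and count, so a storm shows up in counters/logs.
            self.suppressed[port] = self.suppressed.get(port, 0) + 1
            return False
        arrivals.append(now)
        return True
```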
What is Link Aggregation or LACP?
LACP or Link Aggregation Control Protocol (802.3ad) combines multiple Ethernet links into one logical link. LACP increases bandwidth, degrades gracefully if a link fails, and increases availability. It provides redundant data paths, like an expressway to another LAN or switch.
What is Auto MDI/X?
Auto MDI/X was developed by HP in 2011.
An MDI is an RJ45 port that connects to the jack. RJ45 can be wired as either straight-through or crossover. More about straight and crossover cables here.
A straight-through cable connects different kinds of devices together, for example a computer to a router.
A crossover cable connects similar devices, such as switch to switch.
Devices are configured with Auto MDI/X. This allows any RJ45 port to automatically detect whether the connected cable is wired as crossover or straight-through.
So there is no need to physically change the wire configuration at the RJ45.
The table below shows the relation of MDI/X and Auto MDI/X to the wires. Switches with Auto MDI/X ports can therefore connect with any RJ45 wiring configuration.
What is Spanning Tree Protocol?
Spanning Tree Protocol (802.1D) prevents loops in the network. There may be a number of paths connecting two switches together, and when a data packet is sent into the network it may enter a loop with another switch.
STP makes this situation avoidable. It opens the loop by arranging the paths into a tree, forcing redundant data paths into a blocked state so that only one data path is active. Only if this data path fails does it re-route packet data to the second path.
STP first assigns a root switch. This should be a centralized switch through which all data flow takes place; it can be called the backbone switch.
Bridge Priority : Each switch is allocated a priority in sequence, and the switch with the lowest rank is chosen as the root switch. Each switch transmits a BPDU (Bridge Protocol Data Unit). All nearby switches send BPDUs to their neighbor switches and exchange root IDs. The one with the lowest ID is selected as the root switch.
Each switch determines the best path to the root from the BPDU information.
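An added example, not from the original article, that carries the election and path selection above through in Python: it picks the root by lowest bridge ID (priority, then MAC), computes each switch's cost to the root and assigns root, designated or blocked to each end of each link. Switch names, priorities, MACs and link costs in the test are constructed, and every switch is assumed reachable.

```python
import heapq


def elect_root(bridges):
    """bridges: name -> (priority, mac). Lowest bridge ID (priority, then MAC) wins."""
    return min(bridges, key=lambda name: bridges[name])


def root_path_costs(root, links):
    """Cheapest path cost from every bridge to the root (Dijkstra over link costs)."""
    adj = {}
    for a, b, cost in links:
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, cost in adj.get(u, []):
            if d + cost < dist.get(v, float("inf")):
                dist[v] = d + cost
                heapq.heappush(heap, (d + cost, v))
    return dist


def port_roles(bridges, links):
    """Return (root, {(bridge, neighbour): 'root' | 'designated' | 'blocked'})."""
    root = elect_root(bridges)
    cost = root_path_costs(root, links)      # assumes a connected topology
    root_port = {}  # bridge -> (cost via neighbour, neighbour ID, link index), lowest wins
    for idx, (a, b, c) in enumerate(links):
        for me, nb in ((a, b), (b, a)):
            if me != root:
                cand = (cost[nb] + c, bridges[nb], idx)
                if me not in root_port or cand < root_port[me]:
                    root_port[me] = cand
    roles = {}
    for idx, (a, b, c) in enumerate(links):
        # The designated end of a link is the side closer to the root (tie: lower ID).
        designated = a if (cost[a], bridges[a]) < (cost[b], bridges[b]) else b
        for me, nb in ((a, b), (b, a)):
            if me == designated:
                roles[(me, nb)] = "designated"
            elif root_port[me][2] == idx:
                roles[(me, nb)] = "root"
            else:
                roles[(me, nb)] = "blocked"   # redundant path: held down to break the loop
    return root, roles
```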
There are three types of Spanning Tree – Common Spanning Tree (802.1D), Rapid Spanning Tree (802.1w) and Multiple Spanning Tree Protocol (802.1s). In CST all traffic flows over the root switch; its disadvantage is that the path may not be optimal.
Rapid Spanning Tree (RSTP) is the same as CST but provides faster convergence.
Multiple Spanning Tree supports VLANs. All VLANs in a network are treated as groups of branches of the tree, and RSTP runs on this tree.
What is VLAN (Virtual LAN) ?
We know that a switch creates a LAN. What happens when we need two or more LANs on a single switch or across multiple switches? For this we need a VLAN or Virtual LAN.
A VLAN is a logical group of a network within a private network. It does not use a public network such as the Internet. For example, the Sales, R&D, Finance and Operations departments are separated by individual VLANs. They can talk within each group and share files. When they need to talk across departments, they can do so by trunking.
We need VLANs for segmentation, to relieve traffic congestion and for security.
Static VLAN vs Dynamic VLAN
The diagram below explains Static and Dynamic VLANs :-
A Static VLAN setup has fixed ports for a specific VLAN. A Dynamic VLAN maps MAC addresses or IP addresses with a server. In the dynamic case, any system can connect to any port; it is checked with the server and assigned its pre-defined VLAN.
What is VLAN 802.1Q Trunking ?
See the diagram below to understand VLAN Trunking :-
802.1Q or Dot1q is a trunking mechanism to transfer data among VLANs. These VLANs can be in the same switch or in different switches. When the VLANs are in separate switches, data transfer happens through trunks.
What does Trunking do?
A separate tag is added to the frame with a VLAN identifier – like VLAN10, VLAN20. When Computer A communicates with Computer C, Switch 1 adds a tag to the original frame (and the FCS is changed accordingly). This tag is discarded once the frame reaches Switch 2, and the now normal frame reaches Computer C.
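The tagging and untagging described above, as an added Python example that is not part of the article: it builds an untagged frame, inserts an 802.1Q tag (TPID 0x8100 plus PCP, DEI and VID) after the source MAC while recomputing the FCS, and strips it again while verifying the FCS. MAC addresses and payload used in the test are constructed.

```python
import struct
import zlib

TPID_8021Q = 0x8100   # EtherType value that marks a frame as 802.1Q tagged


def fcs(frame_without_fcs):
    """Ethernet FCS: CRC-32 over the frame, transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)


def build_frame(dst_mac, src_mac, ethertype, payload):
    """Untagged frame as Computer A sends it: dst(6) src(6) type(2) payload FCS(4)."""
    body = dst_mac + src_mac + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def add_tag(frame, vid, pcp=0, dei=0):
    """Switch 1: insert the 4-byte tag after the source MAC and recompute the FCS."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    body = frame[:-4]                       # drop the old FCS; it no longer matches
    tci = (pcp << 13) | (dei << 12) | vid   # Tag Control Information: PCP, DEI, VID
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)


def strip_tag(frame):
    """Switch 2: verify the FCS, remove the tag and return (vid, untagged_frame).
    Returns (None, frame) unchanged when the frame carries no 802.1Q tag."""
    body = frame[:-4]
    if fcs(body) != frame[-4:]:
        raise ValueError("FCS mismatch: frame is corrupted")
    tpid, tci = struct.unpack("!HH", body[12:16])
    if tpid != TPID_8021Q:
        return None, frame
    untagged = body[:12] + body[16:]
    return tci & 0x0FFF, untagged + fcs(untagged)
```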
InterVLAN connection Methods
There are three methods by which VLANs may communicate :-
1. Traditional VLAN : When a switch does not support 802.1Q, it can still allow communication via routers, but each VLAN must be separately connected with its own router uplink. This is a costly method.
2. Router on a Stick : In this case the switch supports 802.1Q but does not support a Layer 3/multi-layer setup. So the switch is connected to a router, which transfers data over the trunk to the other VLAN.
3. Multi-Layer Switch : A multi-layer switch allows VLAN trunking within the switch itself. VLAN10 can send data to VLAN30 directly via trunking. For this, a smart switch or fully managed switch works just fine.
What is VPN ? How is it different from VLAN ?
Please see the diagram below to understand VPN :-
The members of a Virtual Private Network (VPN) are not physically connected in a LAN. They are connected via a public network such as the Internet. So a VPN allows a remote user to connect to the VLAN or private local LAN via a tunnel.
The difference between VLAN and VPN is shown below :-
Types of VPN Protocol
All VPNs follow a similar structure. A VPN flows traffic through a private tunnel over a public network (the Internet) with good encryption. This creates a secure VPN.
Prominent VPN protocols are PPTP, L2TP, SSTP, OpenVPN, IKEv2 etc. The following table shows the difference among these VPN protocols :-
What is IP Mac Port Binding (IPMB) ?
The controller has a set of IP addresses and MAC addresses that are allowed. Only if both the IP address and the MAC address match is the packet passed. So only selected systems can access the network, while other systems are denied.
What is ACL ?
ACL refers to Access Control List. This filters network traffic based on a set of rules. These rules pertain to secure access: only a set of users is allowed to access a service, and others are denied.
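An added example covering both the IP-MAC port binding check above and the ACL; it is not from the original article. Packets are first matched against an assumed (IP, MAC, port) binding table and then against an ordered first-match ACL with an implicit deny; all addresses, ports and rules are constructed.

```python
import ipaddress


class IpMacPortBinding:
    """Constructed model of IP-MAC port binding (added example)."""

    def __init__(self, bindings):
        # Allowed (ip, mac, port) triples; a packet must match all three at once.
        self.allowed = {(ip, mac.lower(), port) for ip, mac, port in bindings}

    def permits(self, ip, mac, port):
        return (ip, mac.lower(), port) in self.allowed


class AccessList:
    """Ordered ACL: the first matching rule wins, with an implicit deny at the end."""

    def __init__(self, rules):
        # rule: (action, src_net, dst_net, proto, dst_port); proto "any" and port None are wildcards
        self.rules = [(act, ipaddress.ip_network(s), ipaddress.ip_network(d), proto, port)
                      for act, s, d, proto, port in rules]

    def evaluate(self, src, dst, proto, dst_port):
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for action, s_net, d_net, r_proto, r_port in self.rules:
            if (src in s_net and dst in d_net
                    and r_proto in ("any", proto) and r_port in (None, dst_port)):
                return action
        return "deny"   # implicit deny: nothing matched


def admit(binding, acl, pkt):
    """Run a packet through both checks; returns (stage, decision)."""
    # Binding is checked first: a packet whose IP, MAC and port do not belong together
    # never reaches the ACL, which is what stops address spoofing at the access port.
    if not binding.permits(pkt["src_ip"], pkt["src_mac"], pkt["port"]):
        return "binding", "deny"
    return "acl", acl.evaluate(pkt["src_ip"], pkt["dst_ip"], pkt["proto"], pkt["dst_port"])
```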
What is 802.1Qbb ?
It optimizes flow control. This protocol pauses transmission if the receiving port's buffer is full, which keeps the need for packet re-transmission to a minimum and makes flow control better.
What is Port Mirroring?
This feature enables a switch to monitor any given port. The switch makes a copy of every packet sent or received at that port and sends it to the mirror port.