A network switch differs from a hub in one very important way: it stores in memory the MAC addresses of the devices connected to it and the port to which each MAC address is attached. This enables it to send a packet out only the port on which the target device is located instead of out every port.
Each port on the switch creates a separate collision domain; a packet is presented to only the devices connected to the same switch port. Broadcasts are an exception. Broadcast packets are sent out every switch port. Therefore, our entire network in Figure 1 is still a single broadcast domain.
Figure 2 shows an example of a packet sent from WS 1 and addressed to DB 1. The packet travels from WS 1 to the switch. Notice that WS 2, SVR 1, PL 1, and MAIL 1 didn’t see the packet, because each of them is attached to its own switch port; each of them is on its own collision domain.
The switch examines the packet, determines the port to which DB 1 is attached by looking up DB 1’s MAC address in its memory, and forwards it. In this case, the packet travels to the hub. The hub has no MAC address. Instead, the switch sees the MAC addresses of the devices connected to the hub. Since packets moving through a hub are delivered to all ports, all devices connected to the hub receive the packet. Figure 3 shows the path taken by a return packet.
A return packet from DB 1 to WS 1 travels back to the hub, where it’s distributed to all devices in the collision domain, including the switch. Once the packet reaches the switch, it’s examined, the MAC address is located, and the packet is sent out the appropriate port to WS 1. Once again, WS 2, SVR 1, PL 1, and MAIL 1 are not bothered by unwanted traffic. By dividing your network into multiple collision domains through the use of a switch, you minimize the amount of unnecessary traffic each NIC must examine. You also reduce the number of collisions and retransmits. In addition, segmenting your network with a switch can help prevent packet captures by uninvited guests.
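The forwarding behavior described above, as an added example that is not part of the original article: a small model of a learning switch that reports which devices are presented with each frame, and therefore which NICs could capture it. The topology and MAC addresses are constructed, "HUB PEER" is a hypothetical second device on the hub, and flooding a frame whose destination has not yet been learned is standard switch behavior that goes beyond what the text covers.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Learns source MAC -> port and forwards by destination MAC."""

    def __init__(self, ports, macs):
        self.ports = ports      # port number -> set of device names on that segment
        self.macs = macs        # device name -> MAC address
        self.mac_table = {}     # learned: MAC address -> port number

    def send(self, src, dst=None):
        """Return every device presented with the frame (dst=None is a broadcast)."""
        in_port = next(p for p, devs in self.ports.items() if src in devs)
        self.mac_table[self.macs[src]] = in_port    # learn where the sender lives
        seen = self.ports[in_port] - {src}          # a hub repeats to its whole segment
        dst_mac = BROADCAST if dst is None else self.macs[dst]
        out_port = self.mac_table.get(dst_mac)
        if out_port is None:                        # broadcast or not yet learned: flood
            out_ports = [p for p in self.ports if p != in_port]
        elif out_port == in_port:                   # already delivered on that segment
            out_ports = []
        else:                                       # known destination: one port only
            out_ports = [out_port]
        for p in out_ports:
            seen |= self.ports[p]
        return seen


# Constructed topology: five hosts on their own ports, a hub on port 6.
# "HUB PEER" is a hypothetical second device sharing the hub with DB 1.
PORTS = {1: {"WS 1"}, 2: {"WS 2"}, 3: {"SVR 1"}, 4: {"PL 1"},
         5: {"MAIL 1"}, 6: {"DB 1", "HUB PEER"}}
# Constructed, locally administered MAC addresses.
MACS = {name: f"02:00:00:00:00:{i:02x}"
        for i, name in enumerate(sorted(n for devs in PORTS.values() for n in devs), 1)}


def demo():
    sw = LearningSwitch(PORTS, MACS)
    unknown = sw.send("WS 1", "DB 1")    # DB 1 not learned yet: flooded everywhere
    sw.send("DB 1", "WS 1")              # switch learns DB 1 is on port 6
    known = sw.send("WS 1", "DB 1")      # now limited to the hub segment
    reply = sw.send("DB 1", "WS 1")      # hub peer and WS 1 only
    broadcast = sw.send("WS 2")          # broadcast reaches every other device
    return unknown, known, reply, broadcast


if __name__ == "__main__":
    for label, seen in zip(("unknown", "known", "reply", "broadcast"), demo()):
        print(f"{label:9} -> {sorted(seen)}")
```

Any device that shares a hub with the destination appears in every result for that destination, which is why the hub segment remains the place where traffic is visible to other hosts.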
Collision - When two devices in the same Ethernet network segment attempt to send a packet at the same time, a collision occurs. Each device waits a random period before attempting to transmit again.
Collision Domain - A network segment in which the packets of two or more network devices may collide when transmitted at the same time.
Database Server - A database server is used to manage large amounts of production data. Data in a database server are organized into tables and the tables into databases. The software used to manage the databases is commonly called a Database Management System, or DBMS. Microsoft SQL Server is an example of a DBMS.
Email Server - An email server is used to manage, send, and deliver email within your organization and across the Internet. To do this, it must run special email software, like Microsoft Exchange.
This post is part of the series: Introduction to Local and Wide Area Networks
Understanding how networks work is an important first step in understanding information security. This series provides everything you need to know to get started.
- Introduction to Local and Wide-area Networks - Part 1
- Introduction to Local and Wide-area Networks - Part 2
- Introduction to Local and Wide-area Networks - Part 3
- Introduction to Local and Wide-area Networks - Part 4
- Introduction to Local and Wide-area Networks - Part 5
- Introduction to Local and Wide-area Networks - Part 6
- The Importance of Wireless Connectivity