MAC Address Learning
Switches operate at Layer 2 of the OSI reference model, they are more intelligent than hubs. The reason why switches are more intelligent is because they learn which ports hosts are connected to by examining the frames which enter into it.
The switch holds a table of its findings called a CAM table (Content Addressable Memory, also known as ?Forwarding Table? or ?MAC Address Table?); this table maps MAC addresses to Port mappings.
On powering up a switch the CAM table is empty, the switch learns which ports the hosts are connected to by reading the source address from frames which come into it. For example:
?If a frame comes into the switches Port 3 with a Source MAC Address A and Destination MAC Address B, the switch knows MAC Address A is connected to Port 3?
With this knowledge it populates the CAM table with the details. A timestamp is also recorded to record when the mapping was learned.
MAC Address | Port |
---|---|
1 | |
2 | |
A | 3 |
4 | |
5 |
Using the CAM table above, for the time being the switch does not know where to send the frame, it therefore floods the frame out of all its ports (Bit for Bit, the TTL field is not changed), the only port is does not forward it out is the port it came in on.
When the unknown MAC Address B replies, the switch then learns which port it is connected to and populates the CAM table.
MAC Address | Port |
---|---|
1 | |
2 | |
A | 3 |
4 | |
B | 5 |
Over time the switch will populate the CAM table with a full compliment of connected MAC Addresses:
MAC Address | Port |
---|---|
C | 1 |
E | 2 |
A | 3 |
D | 4 |
B | 5 |
note: The CAM table records also have a timeout - the switch will remove any entries from its CAM table if it has not passed any traffic for 5 minutes (300 seconds).
note: You can see all traffic coming in and out of the switch by setting up a ?SPAN Port? (Switch Port Analyzer, also known as Mirrored Port or Diagnosis Port) and plugging it into an analyzer such as Etherreal.
Switching ? Frame Transmission Modes
When a switch receives a frame it can forward the frame on in one of three methods:
- Store and Forward ? As a switch received a frame it will first store the frame until it is fully received and then check the frame against its CRC (Cyclic Redundancy Check) to determine if the frame is not corrupt. If it is corrupt the switch will drop the frame, if it is OK it will be forwarded.
- Cut Through ? Immediately as the switch receives a frame it will start transmitting it out of the destination port, this reduces latency but allows for re-transmission of corrupt frames.
- Fragment Free ? The switch will read the first 64 bytes of an incoming frame before forwarding it on. The reason why it reads this length is because 64 bytes is the minimum Ethernet frame size, but when a collision occurs, a fragment of less than 64 bytes is created. Fragment Free will remove such fragments.
Tidak ada komentar:
Posting Komentar