CHAPTER 06
Intermediate
Ethernet and Switching Basics
Updated: May 16, 2026
1. Introduction
If the IP address is the global mailing address, the Ethernet Frame is the mail cart that moves the data from your desk to the mailroom. We are returning to the foundation: Layer 2 of the OSI Model. In a modern office, hundreds of computers are physically plugged into a single piece of hardware called a Network Switch. A switch is an incredibly fast, highly intelligent traffic cop that dictates exactly where physical electricity is allowed to flow. In this chapter, we will dissect the Ethernet Frame, memorize the function of the MAC address, and analyze the exact logic a switch uses to build its internal map and eliminate network collisions.
2. Learning Objectives
By the end of this chapter, you will be able to:
- Define the structure of an 802.3 Ethernet Frame.
- Explain the physical uniqueness and format of a MAC Address.
- Understand the 3 primary functions of a Network Switch (Learn, Forward, Flood).
- Describe how a switch builds its MAC Address Table.
- Differentiate between a Collision Domain and a Broadcast Domain.
3. Beginner-friendly Explanations
The Hotel Switchboard (How a Switch works): Imagine an old hotel with 24 rooms. In the basement is a Telephone Switchboard (The Switch) with 24 physical cable ports.
- Room 1 (MAC A) wants to call Room 5 (MAC B).
- The Operator looks at her ledger (The MAC Address Table): "Room 1 is plugged into Port 1. Room 5 is plugged into Port 5."
- She physically plugs a wire connecting Port 1 directly to Port 5.
- *Crucially,* the other 22 rooms hear absolutely nothing. The conversation is entirely private and isolated. This is why Switches are fast and secure.
4. Ethernet Frames and MAC Addresses
At Layer 2, computers do not care about IP addresses. They communicate using MAC (Media Access Control) Addresses. A MAC address is a 48-bit hexadecimal number permanently burned into a network card at the factory (e.g., aa:bb:cc:dd:ee:ff).
When your computer sends data to the printer, it wraps the data in an Ethernet Frame.
The Ethernet Frame header contains only two critical pieces of routing information:
- 1. Destination MAC Address
- 2. Source MAC Address
5. How a Switch Builds its Brain (The MAC Table)
When you unbox a brand new Cisco switch and turn it on, its brain (The MAC Address Table) is completely empty. How does it learn?
- 1. Learning: PC A (MAC AA) plugs into Port 1 and sends a frame. The switch looks at the *Source MAC* and thinks: *"Ah! MAC AA lives on Port 1."* It writes this in the table.
- 2. Flooding: PC A is trying to reach PC B (MAC BB). The switch looks at its table for BB. It doesn't know where it is. So, the switch Floods the frame out of every single port (except Port 1).
- 3. Forwarding: PC B receives the flooded frame and replies. The switch looks at the Source MAC of the reply and thinks: *"Ah! MAC BB lives on Port 2."* Because the table already maps MAC AA to Port 1, the switch forwards the reply out of Port 1 only.
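The three steps above as a small simulation. This is an added example, not code from the chapter or from any switch vendor; the class name, the 4-port size and the MAC values are constructed for illustration. It goes slightly beyond the text by also handling broadcast frames and the case where the destination sits on the ingress port.

```python
# Added example: a minimal model of a switch's MAC address table logic.
BROADCAST = "ff:ff:ff:ff:ff:ff"  # all-ones destination: deliver to every port


class LearningSwitch:
    def __init__(self, port_count):
        self.ports = list(range(1, port_count + 1))
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return (action, list of egress ports)."""
        src_mac, dst_mac = src_mac.lower(), dst_mac.lower()
        # Learn: the SOURCE MAC tells the switch who lives on in_port.
        self.mac_table[src_mac] = in_port
        others = [p for p in self.ports if p != in_port]
        # Flood: broadcasts and unknown destinations go out every other port.
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return "flood", others
        out_port = self.mac_table[dst_mac]
        if out_port == in_port:
            return "filter", []  # destination sits on the ingress port: drop
        # Forward: known destination, one egress port only.
        return "forward", [out_port]


def demo():
    """Replay the chapter's PC A / PC B exchange on a 4-port switch."""
    pc_a, pc_b = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"  # constructed MACs
    sw = LearningSwitch(4)
    results = [
        sw.receive(1, pc_a, pc_b),       # BB unknown
        sw.receive(2, pc_b, pc_a),       # reply: AA already learned
        sw.receive(1, pc_a, pc_b),       # BB now known
        sw.receive(1, pc_a, BROADCAST),  # broadcast
    ]
    return results, sw.mac_table


if __name__ == "__main__":
    for action, ports in demo()[0]:
        print(action, ports)
```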
6. Collision Domains vs. Broadcast Domains
This is a heavily tested CCNA concept.
- Collision Domain: A physical area where two computers sending data at the exact same time will cause the electricity to crash and corrupt the data.
- *The Rule:* Every single port on a Switch is its own separate Collision Domain. A 24-port switch has 24 collision domains. Switches eliminate collisions!
- Broadcast Domain: A logical area where a "Shout" (Broadcast frame, like ARP) can be heard.
- *The Rule:* A switch does NOT stop Broadcasts. If PC A shouts, the switch copies the shout to all 24 ports. A 24-port switch is ONE massive Broadcast Domain. (To break up a Broadcast Domain, you need a Router).
7. Diagrams/Visual Suggestions
*Visual Concept: The MAC Address Table* Draw a Switch in the middle. Connect PC A to Port 1, PC B to Port 2. Draw a table next to the switch with two columns: "MAC Address" and "Port". Show an arrow from PC A to the Switch. Show the Switch "writing" PC A's MAC into the table next to "Port 1". This visualizes the dynamic "Learning" phase of a switch.
8. Best Practices
- Port Security: In a corporate lobby, an attacker could unplug the lobby phone and plug their laptop into the wall switch port. To prevent this, configure Port Security. You command the Cisco switch to memorize the MAC address of the phone on Port 5. If the switch ever detects a different MAC address on Port 5, it instantly shuts the port down.
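The port security behaviour described above, modelled for a single port. This is an added example, not Cisco code or configuration; the class, its method names and the MAC values are hypothetical, and the model assumes the port memorizes the first MAC it sees and stays down until an administrator re-enables it.

```python
# Added example: a model of port security on one switch port (not Cisco code).
class SecurePort:
    def __init__(self, number, allowed_mac=None):
        self.number = number
        # None means "memorize the first source MAC seen" (assumed behaviour).
        self.allowed_mac = allowed_mac.lower() if allowed_mac else None
        self.shut_down = False
        self.violations = []  # (port number, offending MAC) for the audit log

    def ingress(self, src_mac):
        """Return True if the frame is accepted, False if it is dropped."""
        src_mac = src_mac.lower()
        if self.shut_down:
            return False  # a shut-down port passes nothing, even the phone
        if self.allowed_mac is None:
            self.allowed_mac = src_mac  # memorize the first device
            return True
        if src_mac == self.allowed_mac:
            return True
        # Violation: a different MAC appeared, so shut the port down.
        self.shut_down = True
        self.violations.append((self.number, src_mac))
        return False

    def admin_reenable(self):
        """An administrator brings the port back up; the memorized MAC stays."""
        self.shut_down = False


def demo():
    phone, laptop = "02:00:00:00:00:01", "02:00:00:00:00:02"  # constructed MACs
    port5 = SecurePort(5)
    outcome = [
        port5.ingress(phone),   # first frame: phone is memorized
        port5.ingress(phone),   # same device again
        port5.ingress(laptop),  # different MAC: violation, port shuts down
        port5.ingress(phone),   # phone plugged back in, port still down
    ]
    port5.admin_reenable()
    outcome.append(port5.ingress(phone))  # accepted again after re-enable
    return outcome, port5.violations
```

The fourth result is the operational point: after a violation the legitimate phone is also cut off, so the violation log entry is what tells the help desk why the lobby phone is dead.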
9. Common Mistakes
- Confusing Hubs with Switches: In the 1990s, we used "Hubs." A hub is a dumb brick. If data comes in Port 1, a hub blindly copies it out all ports, causing massive collisions. A Switch uses silicon microchips (ASICs) to read the MAC address and forward it intelligently. Never buy a Hub.
10. Mini Project: View Your ARP Cache
Your computer has its own mini MAC table.
- 1. Open a Command Prompt (Windows) or Terminal (Mac/Linux).
- 2. Type arp -a.
- 3. You will see a list of IP addresses mapping directly to Physical MAC Addresses. Your computer uses this list to build the Ethernet Frames before sending them to the Switch!
11. Practice Exercises
- 1. Explain the three primary actions a Layer 2 switch takes when handling Ethernet frames (Learn, Forward, Flood).
- 2. Why does a standard 24-port network switch completely eliminate collisions, but fail to eliminate broadcast traffic?
12. MCQs with Answers
Question 1
When a network switch receives an Ethernet frame destined for a MAC address that does NOT currently exist in its MAC Address Table, what action does the switch take?
Question 2
How many Collision Domains and Broadcast Domains exist on a single 48-port Layer 2 switch (assuming default configuration with all ports active)?
13. Interview Questions
- Q: Walk me through the exact process a brand new, unconfigured switch uses to populate its MAC Address Table from scratch. Which MAC address (Source or Destination) does it use to learn?
- Q: Explain the difference between a Collision Domain and a Broadcast Domain. What specific hardware device is required to break a network into multiple Broadcast Domains?
- Q: What is the specific broadcast MAC address used in an Ethernet Frame when a host wants every device on the local network to receive the message?