Layer 2 Switching

Layer 2 switching uses the hardware address of devices to segment a network this means
switches and bridges are faster than routers as they don’t look at Network layer header
information before deciding to forward, flood or drop the frame.

Switch Functions at Layer 2

Address learning Layer 2 switches and bridges remember the source hardware address of each
frame received on an interface, into a MAC database called a forward/filter table

Forward/filter decisions When a frame is received on an interface, the switch looks at the
destination hardware address and finds the exit interface in the MAC database. The frame is only
forwarded out the specified destination port.

Loop avoidance If multiple connections between switches are created for redundancy purposes,
network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still
permitting redundancy.
The Spanning Tree Protocol was created by DEC (Digital Equipment Corporation) now Compaq.
This is not compatible with the IEEE 802.1d version which Cisco use.

Forward/Filter Decisions

When a frame arrives at a switch interface the destination hardware address is compared to the
forward/filter MAC database. If the database hardware address is listed in the database the frame
is sent out the correct exit interface this is frame filtering.

If the destination MAC address is not in the MAC database then the frame is flooded out all active
interfaces except the interface the frame was received on. If a device answers the flooded frame
the MAC database is updated with the devices location interface.

Looking at the output of a show mac address-table

If the switch received a frame with the following MAC addresses

The destination MAC address is found in the MAC address table and is forwarded out the fa0/3
interface.
Port Security

Preventing unauthorised access e.g someone plugging a host into a switch port or adding a
switch into the office Ethernet jack. By default MAC addresses will dynamically appear in the
MAC forward/filter database.

4 options are available the switchport port-security mac-address mac-address

allows you to assign individual MAC addresses to each switch port.

To set-up a switch port to allow only one host per port and to shut down the port if this rule is
violated.

Now if someone tries to add more than one host the switch port will shutdown. If that happens we
will have to manually go into the switch and enable the port with a no shutdown command.

The sticky command

This command provides static MAC address security without having to type in every MAC
address.

Question
Employees of XYZ Company connect their laptop computers to the office LAN using Ethernet
ports. The Cisco switches used in the company network are configured with port security. At
which layer of the three-layer design model do these switches operate?

A. physical
B. distribution
C. data link
D. access
E. core

Answer D
Access layer

3 main switching methods are

Cut Through - looks at the first 6 bytes of the destination MAC address only
Fragment free cut through - looks at the first 64 bytes only
Store and forward - looks at the entire frame

Store-and-Forward
Stores the Entire Frame before beginning to forward it.
This method allows for the greatest amount of error checking, since the Frame
Check Sequence (FCS) can be run before the frame is forwarded. As always,
there is a tradeoff, since this error checking process makes this the slowest of the
three frame forwarding methods. This method discards frames smaller than 64
bytes (runts) and frames larger than 1518 bytes (giants).

The quickest method is Cut-Through

Only the destination MAC address of the frame is examined before the
forwarding process begins.
This means that the part of the frame is actually being forwarded as it is still
being received! The tradeoff here is that the FCS does not run, so there is
absolutely no error checking with Cut-Through switching.

The middle ground between these two extremes is Fragment-Free

Fragmented frames will not be forwarded the switch examines only the first 64
bytes of the frame for errors, since that is the part of the frame that will be
damaged in case of a collision. There is error checking, but it is not as thorough
as Store-and-Forward.

Duplex Modes

In a network that uses twisted-pair cabling one pair is used to carry the
transmitted signal between 2 nodes. A separate pair is used for the returned
signal. It is possible for signals to pass through both pairs simultaneously.
The ability to communicate in both directions at once is known as full duplex in
full duplex mode there is no contention for the media, a collision domain no
longer exists. In theory the bandwidth is doubled when full duplex is used.

Question
Your boss at asks you about half-duplex and full-duplex Ethernet. What is unique for half-duplex
Ethernet? (Choose two)

A. Half-duplex Ethernet operates in a shared collision domain.

B. Half-duplex Ethernet operates in a private collision domain.
C. Half-duplex Ethernet has higher effective throughput.
D. Half-duplex Ethernet has lower effective throughput.
E. Half-duplex Ethernet operates in a private broadcast domain.

Answer A, D

Explanation
A single device could not be sending a frame and receiving a frame at the same time because it
would mean that a collision was occurring. So, devices simply chose not to send a frame while
receiving a frame. That logic is called half-duplex logic.

Ethernet switches allow multiple frames to be sent over different ports at the same time.
Additionally, if only one device is connected to a switch port, there is never a possibility that a
collision could occur. So, LAN switches with only one device cabled to each port of the switch
allow the use of full-duplex operation. Full duplex means that an Ethernet card can send and
receive concurrently.

Question
What switching method examines the destination MAC address as the frame is being received
and then begins forwarding the frame prior to receiving the entire frame?

A. Fragment Free
B. Store and Forward
C. Modified Cut Through
D. Cut Through

Answer D

Cut Through

Question
Cisco supports three types of switching modes on switches. Which mode of switching can have a
variable latency through the switch?

A. Store-and-forward.
B. Cut-through.
C. Fragment-free.

Answer A

Explanation.
There are 3 primary operating modes that are used for frame switching. These modes are store-
and-forward, cut-through and fragment free. When store-and-forward is used the switch must
receive the whole frame before it can be forwarded. This makes the latency time variable.

Incorrect Answers
B. During a cut-through operation, the switch forwards the frame once it receives the Destination
Address. This keeps the latency constant.
C. The fragment-free mode reads only the first 64 bytes before forwarding the frame. This makes
the latency time practically constant.

Question
Which one of the following statements about an Ethernet LAN is true?

A. The advantage of a full duplex is the ability to transmit data over Mbase2 cable.
B. Full duplex Ethernet requires a point-to-point connection when only two nodes are present.
C. Ethernet switches can use full duplex mode to connect multiple nodes to a single port of a
switch.
D. Half duplex is a cut through packet processing method that is very fast with little error
correction, full duplex is store and forward method that is slower but has better error correction.

Answer B

Explanation
Full duplex always requires there to be a point to point connection.
Incorrect Answers
A. Full duplex is done over CAT 5 cable.
C. Full duplex can only be done if one node is attached to a particular port.
D. Half/Full duplex is independent of cut-through and/or store and forward.