Switching Concepts

Understanding how Layer 2 switches process Ethernet frames is essential for the CCNA exam. Switches are the most common devices in enterprise LANs, and their behavior is the foundation for VLANs, STP, and EtherChannel.

MAC Address Table (CAM Table)

The MAC address table (also called the Content Addressable Memory (CAM) table) maps MAC addresses to switch ports. This table is how the switch knows where to send frames.

MAC Address Learning

When a frame arrives on a switch port:

1. The switch reads the source MAC address
2. It records the MAC address and the port it arrived on in the MAC address table
3. If the MAC address already exists but on a different port, the switch updates the entry
4. Each entry has a timer that resets when the MAC is seen again (default: 300 seconds)

MAC Address Table Example

Viewing the MAC address table on Cisco IOS:

Switch# show mac address-table
Switch# show mac address-table dynamic
Switch# show mac address-table address 00:1A:2B:3C:4D:5E

Frame Forwarding Decisions

When a switch receives a frame, it makes one of three decisions based on the destination MAC address:

1. Known Unicast (Forward)

If the destination MAC is in the MAC address table, the switch forwards the frame out the specific port associated with that MAC. This is the most efficient forwarding behavior.

2. Unknown Unicast (Flood)

If the destination MAC is NOT in the MAC address table, the switch floods the frame out all ports in the VLAN except the port it was received on. This ensures the frame reaches its destination even when the switch doesn't know where it is.

3. Broadcast (Flood)

If the destination MAC is the broadcast address (FF:FF:FF:FF:FF:FF), the switch floods the frame out all ports in the VLAN. ARP requests are a common example of broadcast frames.

4. Multicast

By default, switches treat multicast frames like broadcasts and flood them. With IGMP snooping enabled, the switch can forward multicast frames only to ports that have requested the multicast group.

Frame Switching Methods

On the Exam: Modern Cisco Catalyst switches use store-and-forward switching by default. This is the most reliable method because it checks the frame's CRC before forwarding, preventing corrupt frames from consuming bandwidth.

Collision Domains and Broadcast Domains

Understanding domain boundaries is critical:

Key facts:

• Each switch port is a separate collision domain (assuming full-duplex)
• All ports in the same VLAN are in the same broadcast domain
• Routers create broadcast domain boundaries
• Switches create collision domain boundaries but NOT broadcast domain boundaries (within a VLAN)

Example: 24-Port Switch

• Collision domains: 24 (one per port)
• Broadcast domains: 1 (if all ports are in the same VLAN)

Example: 24-Port Switch with 3 VLANs

• Collision domains: 24 (one per port)
• Broadcast domains: 3 (one per VLAN)

On the Exam: A common question pattern: "How many collision domains and broadcast domains exist in this topology?" Count each switch port as a collision domain, and count each VLAN (or each router interface) as a broadcast domain boundary.