Network switch

A switch can connect Ethernet, Token Ring, or other types of network segments together to form a heterogenous network operating at OSI Layer 2.

Switches differ mainly from hubs in that they perform microsegmentation. Microsegmentation is a term used to describe the segmentation of a collision domain into as many segments as there are circuits, minus one. This microsegmentation performed by the switch cuts the collision domain down so that only two nodes coexist within each collision domain. This way, collisions are decreased and only the two NICs which are directly connected via a point-to-point link are contending for the medium.

This point-to-point approach allows the switch to connect multiple pairs of segments at a time allowing more than one computer to transmit data at a time, without causing collisions.

There are four ways in which a switch can operate:

• Cut through
• Store and forward
• Fragment free
• Adaptive switching

Switches provide difficulties in monitoring traffic because each port is isolated until it transmits data, and even then only the sending and receiving ports are connected.

Two popular methods that are specifically designed to allow a network manager to monitor traffic are:

• Port mirroring -- the switch sends a copy of network packets to a monitoring network connection.
• SMON -- "Switch Monitoring" is described by RFC 2613 and is a protocol for controlling facilities such as port mirroring.

• ARP Spoofing -- fooling the target computer into using your own MAC address for the network gateway, or alternatively getting it to use the broadcast MAC.
• MAC Flooding -- overloading the switch with a large number of MAC addresses, so that it drops into a "failopen mode".

• Router
• Multilayer switch
• Telephone switch

Source | Copyright