Você está na página 1de 8

A network switch (sometimes known as a switching hub) is a computer

networking device that is used to connect devices together on a computer


network, by using a form of packet switching to forward data to the
destination device. A network switch is considered more advanced than a hub
because a switch will only forward a message to one or multiple devices that
need to receive it, rather than broadcasting the same message out of each of
its ports.[1]
A network switch is a multiport network bridge that processes and forwards
data at the data link layer (layer !) of the "#$ model. #witches can also
incorporate routing in addition to bridging% these switches are commonly
known as layer& or multilayer switches.[!] #witches e'ist for various types of
networks including (ibre )hannel, Asynchronous *ransfer +ode, $n,ni-and,
.thernet and others. *he ,rst .thernet switch was introduced by /alpana in
1001.[&]A switch is a device used on a computer network to physically
connect devices together. +ultiple cables can be connected to a switch to
enable networked devices to communicate with each other. #witches manage
the 2ow of data across a network by only transmitting a received message to
the device for which the message was intended. .ach networked device
connected to a switch can be identi,ed using a +A) address, allowing the
switch to regulate the 2ow of tra3c. *his ma'imises security and e3ciency of
the network.
-ecause of these features, a switch is often considered more 4intelligent4
than a network hub. 5ubs neither provide security, or identi,cation of
connected devices. *his means that messages have to be transmitted out of
every port of the hub, greatly degrading the e3ciency of the network.
6etwork design[edit]
An .thernet switch operates at the data link layer of the "#$ model to create
a separate collision domain for each switch port. .ach computer connected to
a switch port can transfer data to any of the other ones at a time, and the
transmissions will not interfere with the limitation that, in half duple' mode,
each line can only either receive from or transmit to its connected computer
at a certain time. $n full duple' mode, each line can simultaneously transmit
and receive, regardless of the partner.
$n the case of using a repeater hub, only a single transmission could take
place at a time for all ports combined, so they would all share the bandwidth
and run in half duple'. 6ecessary arbitration would also result in collisions
re7uiring retransmissions.
Applications[edit]
*he network switch plays an integral part in most modern .thernet local area
networks (8A6s). +idtolarge si9ed 8A6s contain a number of linked
managed switches. #mall o3ce:home o3ce (#"5") applications typically use
a single switch, or an allpurpose converged device such as a residential
gateway to access small o3ce:home broadband services such as ;#8 or
cable $nternet. $n most of these cases, the enduser device contains a router
and components that interface to the particular physical broadband
technology. <ser devices may also include a telephone interface for =oice
over $> (=o$>) protocol.
+icrosegmentation[edit]
#egmentation is the use of a bridge or a switch (or a router) to split a larger
collision domain into smaller ones in order to reduce collision probability and
improve overall throughput. $n the e'treme, i. e. microsegmentation, each
device is located on a dedicated switch port. $n contrast to an .thernet hub,
there is a separate collision domain on each of the switch ports. *his allows
computers to have dedicated bandwidth on pointtopoint connections to the
network and also to run in fullduple' without collisions. (ullduple' mode has
only one transmitter and one receiver per ?collision domain?, making collisions
impossible.
@ole of switches in a network[edit]
#witches may operate at one or more layers of the "#$ model, including the
data link and network layers. A device that operates simultaneously at more
than one of these layers is known as a multilayer switch.
$n switches intended for commercial use, builtin or modular interfaces make
it possible to connect diAerent types of networks, including .thernet, (ibre
)hannel, A*+, $*<* B.hn and C1!.11. *his connectivity can be at any of the
layers mentioned. Dhile layer! functionality is ade7uate for bandwidth
shifting within one technology, interconnecting technologies such as .thernet
and token ring is easier at layer &.
;evices that interconnect at layer & are traditionally called routers, so layer&
switches can also be regarded as (relatively primitive) routers.
Dhere there is a need for a great deal of analysis of network performance
and security, switches may be connected between DA6 routers as places for
analytic modules. #ome vendors provide ,rewall,[E][F] network intrusion
detection,[G] and performance analysis modules that can plug into switch
ports. #ome of these functions may be on combined modules.[H]
$n other cases, the switch is used to create a mirror image of data that can go
to an e'ternal device. #ince most switch port mirroring provides only one
mirrored stream, network hubs can be useful for fanning out data to several
readonly analy9ers, such as intrusion detection systems and packet sniAers.
8ayerspeci,c functionality[edit]
+ain articleI +ultilayer switch
A modular network switch with three network modules (a total of !E .thernet
and 1E (ast .thernet ports) and one power supply.
Dhile switches may learn about topologies at many layers, and forward at
one or more layers, they do tend to have common features. "ther than for
highperformance applications, modern commercial switches use primarily
.thernet interfaces.
At any layer, a modern switch may implement power over .thernet (>o.),
which avoids the need for attached devices, such as a =o$> phone or wireless
access point, to have a separate power supply. #ince switches can have
redundant power circuits connected to uninterruptible power supplies, the
connected device can continue operating even when regular o3ce power
fails.
8ayer 1 (5ubs versus higherlayer switches)[edit]
A network hub, or repeater, is a simple network device. @epeater hubs do not
manage any of the tra3c that comes through them. Any packet entering a
port is 2ooded out or 4repeated4 on every other port, e'cept for the port of
entry. #ince every packet is repeated on every other port, packet collisions
aAect the entire network, limiting its capacity.
A switch creates the J originally mandatory J 8ayer 1 endtoend connection
only virtually. $ts bridge function selects which packets are forwarded to which
port(s) on the basis of information taken from layer ! (or higher), removing
the re7uirement that every node be presented with all data. *he connection
lines are not 4switched4 literally, it only appears like this on the packet level.
4-ridging hub4, 4switching hub4, or 4multiport bridge4 would be more
appropriate terms.
*here are speciali9ed applications where a hub can be useful, such as
copying tra3c to multiple network sensors. 5igh end switches have a feature
which does the same thing called port mirroring.
-y the early !111s, there was little price diAerence between a hub and a low
end switch.[C]
8ayer ![edit]
A network bridge, operating at the data link layer, may interconnect a small
number of devices in a home or the o3ce. *his is a trivial case of bridging, in
which the bridge learns the +A) address of each connected device.
#ingle bridges also can provide e'tremely high performance in speciali9ed
applications such as storage area networks.
)lassic bridges may also interconnect using a spanning tree protocol that
disables links so that the resulting local area network is a tree without loops.
$n contrast to routers, spanning tree bridges must have topologies with only
one active path between two points. *he older $... C1!.1; spanning tree
protocol could be 7uite slow, with forwarding stopping for &1 seconds while
the spanning tree reconverged. A @apid #panning *ree >rotocol was
introduced as $... C1!.1w. *he newest standard #hortest path bridging ($...
C1!.1a7) is the ne't logical progression and incorporates all the older
#panning *ree >rotocols ($... C1!.1; #*>, $... C1!.1w @#*>, $... C1!.1s
+#*>) that blocked tra3c on all but one alternative path. $... C1!.1a7
(#hortest >ath -ridging #>-) allows all paths to be active with multiple e7ual
cost paths, provides much larger layer ! topologies (up to 1G million
compared to the E10G =8A6s limit),[0] faster convergence, and improves the
use of the mesh topologies through increase bandwidth and redundancy
between all devices by allowing tra3c to load share across all paths of a
mesh network.[11][11][1!][1&]
Dhile layer ! switch remains more of a marketing term than a technical term,
[citation needed] the products that were introduced as 4switches4 tended to
use microsegmentation and (ull duple' to prevent collisions among devices
connected to .thernet. -y using an internal forwarding plane much faster
than any interface, they give the impression of simultaneous paths among
multiple devices. ?6onblocking? devices use a forwarding plane or e7uivalent
method fast enough to allow full duple' tra3c for each port simultaneously.
"nce a bridge learns the addresses of its connected nodes, it forwards data
link layer frames using a layer ! forwarding method. *here are four
forwarding methods a bridge can use, of which the second through fourth
method were performanceincreasing methods when used on 4switch4
products with the same input and output port bandwidthsI
#tore and forwardI *he switch buAers and veri,es each frame before
forwarding it.
)ut throughI *he switch reads only up to the frame?s hardware address
before starting to forward it. )utthrough switches have to fall back to store
and forward if the outgoing port is busy at the time the packet arrives. *here
is no error checking with this method.
(ragment freeI A method that attempts to retain the bene,ts of both store
and forward and cut through. (ragment free checks the ,rst GE bytes of the
frame, where addressing information is stored. According to .thernet
speci,cations, collisions should be detected during the ,rst GE bytes of the
frame, so frames that are in error because of a collision will not be forwarded.
*his way the frame will always reach its intended destination. .rror checking
of the actual data in the packet is left for the end device.
Adaptive switchingI A method of automatically selecting between the other
three modes.
Dhile there are speciali9ed applications, such as storage area networks,
where the input and output interfaces are the same bandwidth, this is not
always the case in general 8A6 applications. $n 8A6s, a switch used for end
user access typically concentrates lower bandwidth and uplinks into a higher
bandwidth.
8ayer &[edit]
Dithin the con,nes of the .thernet physical layer, a layer& switch can
perform some or all of the functions normally performed by a router. *he
most common layer& capability is awareness of $> multicast through $B+>
snooping. Dith this awareness, a layer& switch can increase e3ciency by
delivering the tra3c of a multicast group only to ports where the attached
device has signaled that it wants to listen to that group.
8ayer E[edit]
Dhile the e'act meaning of the term layerE switch is vendordependent, it
almost always starts with a capability for network address translation, but
then adds some type of load distribution based on *)> sessions.[1E]
*he device may include a stateful ,rewall, a =>6 concentrator, or be an $>#ec
security gateway.
8ayer H[edit]
8ayerH switches may distribute loads based on <niform @esource 8ocator
<@8 or by some installationspeci,c techni7ue to recogni9e applicationlevel
transactions. A layerH switch may include a web cache and participate in a
content delivery network.[1F]
@ackmounted !Eport &)om switch
*ypes of switches[edit]
(orm factor[edit]
;esktop, not mounted in an enclosure, typically intended to be used in a
home or o3ce environment outside of a wiring closet.
@ackmounted, a switch that mounts in an e7uipment rack.
)hassis, with swappable module cards.
;$6 railJmounted, normally seen in industrial environments.
)on,guration options[edit]
<nmanaged switches J these switches have no con,guration interface or
options. *hey are plug and play. *hey are typically the least e'pensive
switches, and therefore often used in a small o3ce:home o3ce environment.
<nmanaged switches can be desktop or rack mounted.
+anaged switches J these switches have one or more methods to modify the
operation of the switch. )ommon management methods includeI a
commandline interface ()8$) accessed via serial console, telnet or #ecure
#hell, an embedded #imple 6etwork +anagement >rotocol (#6+>) agent
allowing management from a remote console or management station, or a
web interface for management from a web browser. .'amples of
con,guration changes that one can do from a managed switch includeI
enabling features such as #panning *ree >rotocol or port mirroring, setting
port bandwidth, creating or modifying =irtual 8A6s (=8A6s), etc. *wo sub
classes of managed switches are marketed todayI
#mart (or intelligent) switches J these are managed switches with a limited
set of management features. 8ikewise 4webmanaged4 switches are switches
which fall into a market niche between unmanaged and managed. (or a price
much lower than a fully managed switch they provide a web interface (and
usually no )8$ access) and allow con,guration of basic settings, such as
=8A6s, portbandwidth and duple'.[1G]
.nterprise +anaged (or fully managed) switches J these have a full set of
management features, including )8$, #6+> agent, and web interface. *hey
may have additional features to manipulate con,gurations, such as the ability
to display, modify, backup and restore con,gurations. )ompared with smart
switches, enterprise switches have more features that can be customi9ed or
optimi9ed, and are generally more e'pensive than smart switches. .nterprise
switches are typically found in networks with larger number of switches and
connections, where centrali9ed management is a signi,cant savings in
administrative time and eAort. A stackable switch is a version of enterprise
managed switch.
*ypical switch management features[edit]
8inksys ECport switch
5> >rocurve rackmounted switches mounted in a standard *elco @ack 10
inch rack with network cables
*urn particular port range on or oA
8ink bandwidth and duple' settings
>riority settings for ports
$> +anagement by $> )lustering
+A) ,ltering and other types of 4port security4 features which prevent +A)
2ooding
<se of #panning *ree >rotocol
#6+> monitoring of device and link health
>ort mirroring (also known asI port monitoring, spanning port, #>A6 port,
roving analysis port or link mode port)
8ink aggregation (also known as bonding, trunking or teaming) allows the use
of multiple ports for the same connection achieving higher data transfer rates
=8A6 settings. )reating =8A6s can serve security and performance goals by
reducing the si9e of the broadcast domain
C1!.1K network access control
$B+> snooping
*ra3c monitoring on a switched network[edit]
<nless port mirroring or other methods such as @+"6, #+"6 or s(low are
implemented in a switch,[1H] it is di3cult to monitor tra3c that is bridged
using a switch because only the sending and receiving ports can see the
tra3c. *hese monitoring features are rarely present on consumergrade
switches.
*wo popular methods that are speci,cally designed to allow a network analyst
to monitor tra3c areI
>ort mirroring J the switch sends a copy of network packets to a monitoring
network connection.
#+"6 J 4#witch +onitoring4 is described by @() !G1& and is a protocol for
controlling facilities such as port mirroring.
Another method to monitor may be to connect a layer1 hub between the
monitored device and its switch port. *his will induce minor delay, but will
provide multiple interfaces that can be used to monitor the individual switch
port.