Days 5, 6: Ethernet LAN Switching CCNA 200-301 Study Guide: Ethernet Switching and ARP 1.0 Ethernet's Role in the LAN: Layer 2 Fundamentals Ethernet is the foundational technology for modern Local Area Networks (LANs). It defines how devices connect and communicate within a local environment across Layers 1 and 2 of the OSI model. Layers of Operation Layer 1 (Physical): Defines cabling (Fiber, UTP), connectors (RJ-45), and electrical/optical signaling. Layer 2 (Data Link): Establishes media access rules and physical addressing via MAC addresses. The Function of a Network Switch Switches are Layer 2 devices that make intelligent forwarding decisions, creating a more efficient network than legacy hubs. Concept Definition Switch Impact Collision Domain A network section where packets can collide if sent simultaneously. Each switch port is a separate collision domain. In full-duplex, collisions are eliminated. Broadcast Domain The area where a broadcast frame (sent to all) is propagated. Switches forward broadcasts out all ports. Only routers (Layer 3) segment broadcast domains. Duplex Communication Modes Half-Duplex: One-way communication at a time. Uses CSMA/CD to manage collisions. (Legacy/Hubs). Full-Duplex: Simultaneous two-way communication. Standard in modern switching; eliminates collisions. 2.0 Anatomy of an Ethernet Frame The Ethernet frame is the Layer 2 Protocol Data Unit (PDU). The standard Ethernet II frame structure is detailed below: Field Size Description Preamble 7 Bytes Alternating 1s and 0s for clock synchronization. SFD 1 Byte Start Frame Delimiter; signals the start of the Destination MAC. Destination MAC 6 Bytes Address of the recipient. FFFF.FFFF.FFFF indicates a broadcast. Source MAC 6 Bytes Address of the sender. Used by switches to learn device locations. Type / Length 2 Bytes Value $\ge 1536$ = Type (e.g., 0x0800 for IPv4). Value $\le 1500$ = Length. Data (Payload) 46–1500 B Encapsulated Layer 3 packet. Padding added if $< 46$ bytes. FCS 4 Bytes Frame Check Sequence; uses CRC to detect transmission errors. 3.0 Understanding MAC Addressing A Media Access Control (MAC) address is a 48-bit (6-byte) unique physical identifier "burned into" the NIC. Format: 12 Hexadecimal characters (e.g., 000C.29B0.119D). MAC Address Structure OUI (Organizationally Unique Identifier): The first 3 bytes. Assigned by the IEEE to manufacturers (e.g., Cisco, Intel). NIC Specific: The last 3 bytes. A unique serial number assigned by the manufacturer. 4.0 The Core Logic of an Ethernet Switch Switches use a MAC Address Table (also known as the CAM Table) to map MAC addresses to physical ports. A. The Learning Process Switch receives a frame. Inspects the Source MAC. Records the MAC and the incoming port in the table. Aging: Entries are removed after 300 seconds (default) if no new traffic is seen from that MAC. B. The Forwarding Process Decision based on the Destination MAC: Destination Type Condition Action Known Unicast MAC is in the table. Forward out the specific port only. Unknown Unicast MAC is NOT in the table. Flood: Send out all ports except the source. Broadcast MAC is FFFF.FFFF.FFFF. Flood: Send out all ports except the source. Multicast MAC starts with 0100.5E. Flood (unless IGMP Snooping is active). C. Internal Switching Methods Store-and-Forward: Receives entire frame, checks CRC (error check), then forwards. Most reliable. Cut-Through: Forwards as soon as the Destination MAC is read. Fastest, but forwards errors. Fragment-Free: Buffers the first 64 bytes (where most collisions occur) before forwarding. 5.0 Bridging the Gap: Address Resolution Protocol (ARP) ARP resolves a known Layer 3 IP address to an unknown Layer 2 MAC address. ARP Request: A broadcast (FFFF.FFFF.FFFF) asking "Who has IP X.X.X.X?" ARP Reply: A unicast response from the target device providing its MAC address. ARP Cache: Devices store these mappings locally to avoid repeated broadcasts. Cisco Check: show arp Windows Check: arp -a 6.0 Practical Verification (Cisco IOS) MAC Table Commands show mac address-table: Displays the CAM table. clear mac address-table dynamic: Flushes all learned entries. clear mac address-table dynamic interface [ID]: Flushes entries for a specific port. Ping Output Symbols !: Success (ICMP Echo Reply received). .: Timeout (Commonly seen on the first ping due to ARP resolution delay). U: Unreachable (Routing error; no path to the destination). 7.0 Synthesis: The Operational Loop Host A wants to talk to Host B (IP known, MAC unknown). Host A sends an ARP Request (Broadcast). Switch learns Host A's MAC and floods the ARP Request. Host B sends an ARP Reply (Unicast). Switch learns Host B's MAC and forwards the reply to Host A. Host A encapsulates the data in a frame and sends it; the Switch performs Known Unicast forwarding.