Switch Construction
Part of Networking
How Ethernet switches work internally and how to build or repair switching equipment.
Why This Matters
An Ethernet switch is the most important active device in a modern local network. Unlike a hub, which blindly retransmits every received frame to all ports, a switch learns which MAC addresses are reachable via which ports and forwards frames only to the appropriate port. This intelligence makes switched networks dramatically more efficient and scalable than hub-based networks.
Understanding how switches work internally allows you to configure them more effectively, troubleshoot their behavior, evaluate the technical differences between switch models, and potentially repair failed switches. In a reconstruction context, where purchasing new networking equipment may be difficult, understanding what makes switches fail and how to repair them extends the useful life of available hardware.
The MAC Address Table
The MAC address table (also called the forwarding table or CAM table) is the core data structure of a switch. It maps MAC addresses to switch ports: “MAC address 00:1A:2B:3C:4D:5E is reachable via port 3.”
The switch populates this table through a process called learning. When a frame arrives on port N with source MAC address M, the switch adds an entry: “M is reachable via port N.” The table entry includes a timestamp; entries that have not been refreshed within an aging timer (typically 300 seconds) are deleted.
When the switch needs to forward a frame with destination MAC address D, it looks up D in the table. If found, it forwards only to the specified port. If not found (either the destination has never sent a frame, or its entry has aged out), the switch floods the frame to all ports except the source port — the same behavior as a hub. The destination will likely respond, and the switch will learn its location from the response.
This flooding behavior has implications for security. An attacker who fills the MAC address table with fake entries (CAM table overflow attack) can force the switch to flood all traffic to all ports, enabling eavesdropping. Modern managed switches can mitigate this with port security features that limit how many MAC addresses can be learned on each port.
Switching Fabric and Architecture
The switching fabric is the internal mechanism that moves frames from input ports to output ports. The fabric determines the switch’s maximum throughput and latency.
Shared memory switching: The oldest and simplest approach. All incoming frames are written to a shared memory buffer. The forwarding logic reads frames from the buffer and writes them to output queues. The shared memory is a bottleneck — all frames must pass through it, and memory bandwidth limits total throughput. Adequate for low-speed switches, but a bottleneck for high-performance applications.
Bus-based switching: A shared internal bus connects all ports. Each port takes turns using the bus to forward frames. The bus bandwidth limits total throughput; increasing port count without increasing bus speed reduces per-port available bandwidth. Better than shared memory for moderate loads.
Crossbar switching: A matrix of switching elements where each input port can be connected to any output port simultaneously. With a full crossbar, all ports can exchange frames simultaneously, providing line-rate throughput on all ports. High-performance switches use crossbar fabrics. The crossbar matrix grows quadratically with port count, making it expensive for large switches.
Modern high-port-count switches often use a combination: a full-speed crossbar within a module, with high-capacity inter-module connections (the switch fabric) between modules.
Store-and-Forward vs. Cut-Through Switching
There are two fundamental modes for handling frames at a switch port.
Store-and-forward: The switch receives the complete frame, computes and verifies the CRC, then forwards the frame. If the CRC fails, the frame is discarded rather than forwarded. This ensures that corrupted frames are never propagated. The latency introduced is the time to receive the complete frame (proportional to frame size) plus the lookup and forwarding time.
Cut-through: The switch begins forwarding as soon as it has received the destination MAC address (the first 6 bytes after the preamble), without waiting for the complete frame. This dramatically reduces latency — particularly for small frames. However, cut-through switches can propagate corrupted frames because they forward before the CRC is available.
Fragment-free (runt-free) cut-through: A compromise — the switch waits for the first 64 bytes before forwarding. This ensures that runts (frames shorter than 64 bytes, which indicate a collision) are caught, while still reducing latency compared to full store-and-forward.
Modern switches typically support both modes and can switch between them adaptively: if error rates on a port are high, the switch may temporarily use store-and-forward to avoid propagating errors.
VLAN Implementation
A VLAN (Virtual LAN) partitions a physical switch into multiple logical switches. Ports assigned to different VLANs cannot exchange frames at Layer 2 — they behave as if they were on completely separate physical switches.
VLANs are implemented by tagging frames with a VLAN identifier as they enter the switch (on access ports) or carrying the tag through the switch to another switch (on trunk ports). The switch only forwards frames to ports that are members of the frame’s VLAN.
Access ports: devices connect to access ports; the switch assigns frames arriving on an access port to the port’s configured VLAN and removes the VLAN tag before delivering frames to the connected device.
Trunk ports: connections between switches use trunk ports, which carry frames from multiple VLANs simultaneously. Each frame is tagged with its VLAN ID (802.1Q tag) so the receiving switch knows which VLAN it belongs to.
Inter-VLAN routing requires a router (or a Layer 3 switch with routing capability) because VLANs are separate Layer 2 networks. A “router on a stick” configuration connects a single router port to a trunk port, with sub-interfaces on the router for each VLAN. The router forwards traffic between VLANs while the switch handles intra-VLAN forwarding.
Repairing Commercial Switches
Commercial Ethernet switches commonly fail due to power supply issues, fan failures, and corrupted firmware. Understanding these failure modes enables repair rather than replacement.
Power supply failure: The most common failure. Identify the power supply (integrated or modular), open the switch (most require only a screwdriver), and inspect the power supply capacitors. Domed or leaking capacitors must be replaced with equivalents. Burned components indicate overvoltage or overcurrent events — check for short circuits before replacement.
Fan failure: Causes overheating and thermal shutdown. Replace the fan with an equivalent (same size, voltage, and current rating). Most switch fans are standard DC brushless fans available from electronics suppliers.
NVRAM corruption: The switch’s configuration is stored in non-volatile memory. If the NVRAM corrupts, the switch may boot to factory defaults or fail to boot at all. Recovery procedures vary by manufacturer but typically involve holding a reset button during power-up to boot from a backup image.
Flash memory failure: The operating system firmware is stored in flash memory. Flash wears out after many write cycles (though typical network equipment sees very few configuration changes, so this is rare). Symptoms include failure to boot or boot loops. Recovery requires writing a new firmware image via the console port.
For any repair, consult the switch’s service documentation for procedures specific to that model. Many switch manufacturers publish service manuals and recovery procedures that significantly simplify repair work.