Functions and working processes of vswitches

Source: Internet
Author: User

1. vswitch Overview:

A vswitch is a layer-2 device. However, as technology continues to improve, three-layer switches and multi-layer switches have emerged. This article describes some features of L2 switches.


Ii. Functions of the vswitch:

1. Address Learning

Some areas are also called source MAC address-based learning. This function is mainly used to learn and store MAC addresses.

2. Frame Forwarding/filtering

Data Frame Forwarding is mainly because the switch can forward data according to the MAC address table. filtering is to block or discard some restricted data.

3. Loop avoidance

Some Characteristics of A vswitch may cause some problems, such as forming a loop. To ensure correct data transmission and stable network, some measures should be taken to avoid these problems, it is mainly implemented through STP and will be discussed later.


Iii. Switch operation process:

The vswitch must maintain several tables during operation, such as the cam table and VLAN. data table. The cam table is used to save the learned MAC address, and the VLAN. data file is used to save VLAN-related information.


1. when a vswitch is powered on, its MAC address table is empty. When other connected devices (such as PCs, vswitches, and vrouters) send a message to it, the switch processes the data based on the source MAC and target Mac, because the first packet is sent, at this time, the switch associates the source MAC address and data from the port number of the switch, and adds the VLAN number to save it to form a cam table entry. Because the MAC address of the vswitch is empty, it does not know where the data destination is, at this time, the switch will send an ARP request to broadcast data from all ports except the data incoming ports. This process is called flood. When the target host receives the data, it will return a response packet, tell the switch its own MAC address. At this time, the switch will associate the MAC address and the incoming port of the target host with the VLAN number based on the packet returned by the target host to form a new cam table entry. This process is address learning. Let's take a closer look at the figure below.

650) This. width = 650; "src =" "style =" float: none; "Title =" switch.jpg "alt =" wkiom1otm3vavy7daacmjqn4wns099.jpg "/>

Now pC1 and PC2 need to communicate (for example, a ping packet), pC1 will issue a data packet in the following format:

Source Mac

Target Mac

Source IP Address

Target IP Address



After the data is obtained from pC1 to SW1, the switch will view the target Mac. If the source MAC: 1111 is not in the cam table, the switch will make a record, it will save the correspondence between the source MAC address and the port plus the VLAN number to the cam table, for example:

MAC address

Port Number





Then he will look at the target Mac, because the switch does not know how to go through 2222 at this time, so it will go to port F0/2 except for the port that comes in from the F0/1 data, f0/3 forwards ARP requests, which are roughly the number of MAC addresses of After the packet is sent, PC2 and PC3 will receive data packets. PC3 will split the packet and find that it is not its own IP address, it will discard the data. After PC2 receives the data, it will find that the target IP address is its own, at this time, PC2 will send a response. Tell the vswitch "I am, and my mac address is 2222. After receiving a response, the switch adds a corresponding relationship to the cam table.

MAC address

Port Number





After this process, SW1 has learned two MAC addresses. If pC1 or PC2 needs to communicate with PC3, it will repeat the above steps. SW1 will be able to learn the MAC address of PC3.

However, if the position of pC1 and PC2 changes, F0/1 is connected to PC2 and F0/2 To pC1. After a data communication and address learning process, the MAC address corresponding to port F0/1 is changed to 2222.2222.2222. The MAC address of F0/2 is changed to 1111.1111.1111. This is because the switch always follows the last learned MAC address.


2. after the switch learns all the MAC addresses in the CIDR Block of the direct connection, if there are more packets, the switch will process the data according to the corresponding entries in the cam table, or the figure above. PC1 needs to communicate with PC2. When a packet enters SW1, the switch first looks at the source and target MAC addresses, and then looks at the cam table, because the cam table already has a corresponding relationship with MAC address 2222 of Pc2 corresponding to port F0/2, the data is directly sent from F0/2 instead of sent to PC3. This is the data forwarding of the vswitch. If the sender and receiver are not in the same network segment, or in different VLANs, or perform layer-2 ACLs on the vswitch, the data will be filtered out.

There are three ways to forward a vswitch:

Direct forwarding

Storage forwarding

Segment forwarding

Direct forwarding does not verify the data and directly sends the data from the corresponding port. This can easily cause a lot of useless data frame fragments (such as frame fragment, bad frame, and wrong frame ).

For storage and forwarding, the entire data frame is stored first, and then verified before forwarding. Although this reduces the error frame, the overall storage verification for each frame will occupy a lot of system resources.

Segment forwarding combines the advantages of direct forwarding and storage forwarding. It only checks the first 64 bytes of the data frame and forwards the data when the verification passes, this ensures data correctness and enables fast data forwarding.

Of course, the above three forwarding methods have their own characteristics for different application environments.


3. Due to the address learning and forwarding functions of the vswitch, some potential problems may occur. As shown in, pC1 needs to communicate with pc2. Let's analyze the data flow direction:

650) This. width = 650; "src =" "Title =" stp.jpg "style =" float: none; "alt =" wKiom1OtM37RSSU-AACi_scyDFM820.jpg "/>

There are two situations:

I. when SW1 F0/2 receives data, first add a MAC address ing. The address 1111.1111.1111 is learned from F0/2, view the cam table and find that the MAC address 2222.2222.2222 is not in the cam table. Then, he will forward the data to all ports except F0/2, so the data will be forwarded from F0/1, there are two cases:

A. PC2 correctly receives the data and returns a data packet.

B. When sw2 receives the data, add a MAC address ing. The address 1111.1111.1111 is learned from F1/1. Then, check the cam table and find that there is no corresponding MAC address. Then, all ports Except F1/1, namely F1/2, are forwarded, return to SW1 and pass it between SW1 and sw2. Creates a broadcast storm.

II. when F1/2 of sw2 receives data, add a MAC address entry in step 1. 1111.1111.1111 is learned from F1/2. In this case, because 1111.1111.1111 is learned from F1/1, at this time, the corresponding relationship in the cam table will be changed, and then the MAC address 2222.2222.2222 is not in the cam table. sw2 will also forward data from F1/1. At this time, there are two situations:

A. PC2 receives the packet. At this time, because a packet has been received before, another packet is received, and the frame duplication problem occurs.

B. when SW1 receives the packet, it will find that the MAC address 1111.1111.1111 is learned by F0/1, and it will also rewrite its own cam table. In this way, the cam table will be constantly changed, the MAC address is unstable.

It can be seen from the above that when multiple links or multiple devices form a ring between switches, there will be three problems, that is, the broadcast storm, repeated frames, and the MAC address is unstable. The emergence of these three problems is very dangerous, so we need to find a way to avoid it, through STP (Spanning Tree Protocol) switch can avoid loops.

His work process is as follows:

650) This. width = 650; "src =" "Title =" stp2.jpg "style =" float: none; "alt =" wkiom1otm33ta8kkaack88yjf_k629.jpg "/>

The reason for these three situations is that a logical ring is formed between switches. If the ring can be broken, the above three situations will not occur. STP logically blocks a port based on this idea, for example, blocking port F1/1 of sw2, in this way, the data obtained from F1/2 on sw2 will not be forwarded from F1/1, and the data obtained from F1/1 will be blocked from the outside. This section describes multi-link scenarios. If multiple devices are used, a port is blocked logically to make the topology look like a tree, the tree has no loops.


Here we will give you a brief introduction to the working process and principles of Two-layer Switches Based on MAC addresses. I hope you will understand the working mechanism of two-layer switches later, I hope this article will give you some benefits.


This article is from the "LBD" blog, please be sure to keep this source

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.