Layer-2 switching basics every network administrator should know

Source: Internet
Author: User


LAN switching technology, also called layer-2 switching technology, covers the working principle of layer-2 switching, network loops and how the Spanning Tree Protocol resolves them, VLANs, and VTP. This article introduces the working principle of layer-2 switches and the dangers of network loops; the other topics will be covered later. We all know that traditional shared Ethernet uses the CSMA/CD mechanism, that is, Carrier Sense Multiple Access with Collision Detection. Let's analyze it in detail:

CSMA/CD: CSMA/CD is a distributed media access control protocol in which each node in the network independently decides when to transmit and receive data frames. Before sending a frame, a node must first perform carrier sensing and may transmit only when the medium is idle. If two or more nodes sense an idle medium and transmit at the same time, a collision occurs: all the frames involved become invalid and the transmissions fail. Every node must therefore be able to detect a collision at any time; when one is detected, it stops transmitting immediately to avoid wasting bandwidth on invalid frames, waits a random back-off period, then senses the medium again and retransmits the frame.
Ethernet was first proposed as a standard by three companies, Intel, Xerox and DEC. Later the IEEE formulated the 802.3 standard, which specifies the Ethernet physical layer and the MAC sub-layer of the data link layer; it mainly defines 10BASE-2, 10BASE-5, 10BASE-T, 10BASE-F and so on, specifying the medium, bandwidth and distance for each. At the same time the 802.2 standard defines the LLC (Logical Link Control) sub-layer of the Ethernet data link layer, which mainly provides the interface between the data link layer and the network layer:
There are many protocols at the network layer, and the data link layer must distinguish between them: which protocol is being carried? This is why a frame encapsulates an LLC header. A traditional Ethernet II frame, however, does not use LLC encapsulation; instead, a two-byte Type field in the frame indicates the network-layer protocol in use, for example ARP.
Next let's look at the collision domain and the broadcast domain. Collision domain: every node on a shared Ethernet may send data whenever it needs to communicate with another node, but the CSMA/CD mechanism ensures that only one node can transmit at a time. If two nodes transmit simultaneously, a collision results; on such a shared network, the range over which a collision can occur is called the collision domain.
Broadcast domain: a broadcast domain is the range a broadcast packet can reach in a network; that is, if a node sends a broadcast packet, the set of nodes that packet reaches is the broadcast domain. For a network professional, the ability to identify collision domains and broadcast domains is an important skill. Adding a layer-1 device only extends the collision domain; only a layer-2 or layer-3 device can split it. In other words, adding a bridge, switch or router divides the collision domain into smaller parts, reducing bandwidth contention and collisions. A router additionally divides the network into smaller broadcast domains. This is called network segmentation. Using layer-2 devices to shrink collision domains is called micro-segmentation, and it is not segmentation in the true sense: true segmentation means the network numbers differ and direct communication is impossible. Layer-2 devices therefore segment collision domains but cannot truly segment the network, whereas routers achieve real network segmentation. Think this sentence over; a table is provided for your reference.
In network segmentation, our switching technology undoubtedly relies on the switch, so let's look at what a switch does. The three functions of a switch are: 1. learning MAC addresses; 2. forwarding or filtering data frames; 3. using the Spanning Tree Protocol to prevent network loops.
First, the MAC address learning function. A switch forwards frames by looking up its MAC address table, so the MAC address table is the core of switching. The difference between a bridge and a switch is that a bridge builds and manages its MAC address table in software, whereas a switch does so in an ASIC. MAC address learning: when a switch is initialized it must learn the source address of every frame it receives and record that source address, together with the switch port it arrived on, in the MAC address table. Once the MAC address table has been built, the switch looks up the destination address of each received frame, compares it with the entries in the table and forwards the frame accordingly.
MAC address learning: when the switch starts up, the MAC address table is empty because it is held in memory. If computer A sends a data frame to computer C, port E0 of the switch receives the frame and the switch records the correspondence between the frame's source address A and port E0:

Because the switch does not yet know the MAC address of C, it floods the frame out of every port except E0.

If computer D then sends a data frame to computer C, port E3 of the switch receives it and the switch records the correspondence between source address D and port E3. The switch still does not know C's address, so it again floods the frame out of every port except the one it arrived on. The switch keeps recording the source addresses of the frames received on each port, and after a while the MAC addresses attached to all ports are in the MAC address table. From then on, when computer A sends data to computer C, the switch simply looks up the table and forwards the frame out of the port recorded for C only.

In this figure, computers A and B connect to port E0 of the switch through a hub, so two MAC addresses correspond to the same port in the MAC address table. If A communicates with B, the switch does not forward the frame, because the source and destination MAC addresses are both on the same port. This is the switch's address learning function and its frame forwarding and filtering function.
There are generally three switching methods: cut-through, fragment-free and store-and-forward.
Cut-through: the switch starts forwarding the frame as soon as it has read the destination address. Looking at the frame format, the preamble plus the destination address come to about 14 bytes, and nothing after them needs to be examined before forwarding. This minimizes latency but is unsuitable for networks with high error rates, because collision fragments shorter than 64 bytes are forwarded along with everything else.
Fragment-free: similar to cut-through, but it checks the first 64 bytes of the frame before forwarding. Since the first 64 bytes include a small part of the payload, the advantage is that bad frames shorter than 64 bytes can be discarded, saving bandwidth.
Store-and-forward: the highest-latency method. Before forwarding, the switch receives the whole frame, verifies its integrity and forwards it only if it is error-free; if there is an error, the frame is dropped. The advantage is that both frames shorter than 64 bytes and corrupted frames are discarded; the disadvantage is the higher delay.
Next, let's look at how a network loop forms. The figure below shows a network loop:

In this topology the switch is a single point of failure. If it breaks, several parts of the network stop working: clients cannot reach the server, the Internet or the printer. A single point of failure (SPOF) means that the failure of a single component stops the entire network from working normally. Therefore, in a typical switched network we add redundant switches, but introducing redundancy creates another very serious problem: the network loop. Let's look at the effects of a loop on our network.
Loops cause three main problems: 1. Broadcast storms; 2. Multiple frame copies (duplicate frames); 3. MAC database instability (an unstable MAC address table). Let's look at them one by one, starting with the broadcast storm. One picture makes clear what a broadcast storm is:

Analysis: Host X wants to communicate with another host on the network and sends a frame, which arrives at switch A. Switch A floods it, and the frame eventually arrives back at switch A; this repeats in the same way, a ring is formed, and what follows is very serious. Why? When we covered network basics we discussed the frame format; recall that, unlike the layer-3 IP header, the Ethernet frame has no TTL mechanism, so the frame circulates in the network indefinitely and a broadcast storm results. Unicast traffic is bad enough; if broadcast or multicast traffic enters such a looped network, the broadcast storm becomes even more obvious. Multiple frame copies, also known as duplicate frames. Analysis: Host X prepares to send a unicast frame to Router Y. Once the frame is sent, there are two paths to Router Y: one direct, and one from switch A to switch B and then to Router Y. Router Y therefore receives two identical frames.

There is also the unstable MAC address table:

Analysis: Host X again sends a frame to Router Y. Neither switch has yet learned Router Y's MAC address, and the frame travels along the shared link to port 0 of both switch A and switch B, so both switches record Host X's MAC address on port 0. Because the frame was received on port 0, each switch floods it out of port 1, and it arrives at the other switch's port 1; that switch now believes Host X's MAC address is on port 1. For example, the frame flooded by switch A arrives at port 1 of switch B; switch B then floods it out of port 0, and so on. The frame repeats this process around the loop, and switch A and switch B keep relearning Host X's MAC address alternately on port 1 and port 0, making the MAC address table unstable. This article is from the fat shark network.
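To make the learning, filtering and loop behaviour described above concrete, here is an added Python simulation (example code, not part of the original article): a toy learning switch that reproduces the single-switch A/B/C/D scenario and the two-switch loop in which Host X's frame to a not-yet-learned Router Y circulates forever. Port and MAC names are constructed for the example.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Toy L2 switch: learns source MACs per port, floods unknown or broadcast
    destinations, filters frames whose source and destination share a port."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}       # MAC -> port; empty at power-on (held in RAM)
        self.relearns = 0         # times a known MAC "moved" to another port

    def receive(self, frame, in_port):
        src, dst = frame["src"], frame["dst"]
        if self.mac_table.get(src, in_port) != in_port:
            self.relearns += 1    # the symptom of MAC address table instability
        self.mac_table[src] = in_port                       # address learning
        out = self.mac_table.get(dst)
        if out is None or dst == BROADCAST:
            return [p for p in self.ports if p != in_port]  # flood
        return [] if out == in_port else [out]              # filter / forward

def single_switch_demo():
    """Hosts A and B share E0 through a hub; C sits on E2, D on E3 (constructed)."""
    sw = LearningSwitch(["E0", "E1", "E2", "E3"])
    return [sw.receive({"src": "A", "dst": "C"}, "E0"),   # C unknown: flood
            sw.receive({"src": "D", "dst": "C"}, "E3"),   # still unknown: flood
            sw.receive({"src": "C", "dst": "A"}, "E2"),   # A learned: E0 only
            sw.receive({"src": "A", "dst": "C"}, "E0"),   # C learned: E2 only
            sw.receive({"src": "B", "dst": "A"}, "E0")]   # same port: filtered

def loop_demo(rounds=6):
    """Switches A and B: port 0 of each on segment 0 (Host X, Router Y),
    port 1 of each on segment 1. One unicast frame from X to a not yet
    learned Y circulates forever because Ethernet frames carry no TTL."""
    sw_a, sw_b = LearningSwitch([0, 1]), LearningSwitch([0, 1])
    frame = {"src": "X", "dst": "Y"}
    in_flight = [(0, None)]      # (segment, switch that transmitted it)
    per_round, copies_to_y = [], 0
    for _ in range(rounds):
        copies_to_y += sum(1 for seg, _snd in in_flight if seg == 0)  # Y hears each
        nxt = []
        for seg, sender in in_flight:
            for sw in (sw_a, sw_b):
                if sw is not sender:       # a switch does not hear its own frame
                    nxt += [(p, sw) for p in sw.receive(frame, seg)]  # port id == segment id
        in_flight = nxt
        per_round.append(len(in_flight))
    return per_round, copies_to_y, sw_a.relearns, sw_b.relearns
```

`loop_demo()` shows all three symptoms at once: the number of frames in flight never drops to zero (storm), Router Y keeps receiving copies of one frame, and both switches flip Host X's entry between port 0 and port 1 every round.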
