A network switch is a Layer 2 device that connects devices within a local area network and forwards data frames by MAC address. A network switch reads the destination MAC address in each Ethernet frame and sends the frame only to the port that reaches that address. A network switch operates at the data link layer, Layer 2 of the OSI model, and follows the IEEE 802.3 Ethernet standard.
A network switch lets many wired devices communicate inside one network at the same time without collisions. This article defines what a network switch is, explains how the MAC address table and full-duplex operation work, separates managed switches from unmanaged switches, and describes Power over Ethernet switches.
The article also compares a switch against a hub and a router and explains port counts and port speeds. Each section answers one question about switch operation, switch types, and switch selection inside a wired network.
What Is a Network Switch?
A network switch is a Layer 2 device that connects devices in a LAN and forwards Ethernet frames by destination MAC address. A network switch builds a table of MAC addresses and the port that reaches each one, then forwards each frame only to its destination port.
The IEEE 802.1D and IEEE 802.3 standards define switch bridging and Ethernet operation. A network switch differs from a router because a switch forwards frames inside one network by MAC address, while a router forwards packets between networks by IP address.
A network switch provides several Ethernet ports, commonly 5, 8, 16, 24, or 48 ports. Each device connects to one port, and the switch forwards frames between the ports as traffic requires.
How Does a Network Switch Work?
A network switch works by learning the source MAC address on each incoming frame, storing it with the arriving port, and forwarding frames to the port that matches the destination MAC address. This process, called transparent bridging, is defined in IEEE 802.1D. A switch floods a frame to all ports only when the destination MAC address is not yet in the table.
What Is a MAC Address Table?
A MAC address table is a data structure that maps each known MAC address to the switch port that reaches it. A switch builds the table automatically by reading the source address of every frame.
The table lets a switch forward unicast traffic to a single port, which keeps traffic off ports that do not need it. Each entry ages out after a timeout, commonly 300 seconds on Cisco switches.
What Is Full-Duplex Operation?
Full-duplex operation is a mode in which a device sends and receives data at the same time over a single link. A switch port supports full-duplex, so a connected device transmits and receives without collisions. The IEEE 802.3 standard defines full-duplex Ethernet, which removed the collision domain that limited shared-media networks.
What Is the Difference Between a Switch and a Hub?
A network switch forwards each frame only to the destination port, while a network hub repeats every frame to all ports. A hub creates one shared collision domain, so only one device transmits at a time, and a hub operates at Layer 1. A switch creates a separate collision domain per port and operates at Layer 2, so many devices transmit at once.
The behavior of the older repeater device appears in the explanation of how a network hub repeats signals. A switch replaced the hub in modern Ethernet because per-port forwarding raises usable bandwidth.
What Are Managed and Unmanaged Switches?
There are 2 main switch categories defined by configurability: managed switches and unmanaged switches. The two categories serve different network sizes and control needs. The categories are described below.
- Unmanaged switches forward frames with no configuration and suit small home or office networks that need plug-and-play connectivity.
- Managed switches add configuration through a console, web interface, or SNMP, and support VLANs, QoS, port mirroring, and the Spanning Tree Protocol defined in IEEE 802.1D.
What Is a VLAN on a Managed Switch?
A VLAN, Virtual Local Area Network, is a logical network that a managed switch creates by grouping ports independent of physical location. The IEEE 802.1Q standard defines VLAN tagging. A managed switch separates traffic into VLANs so one physical switch carries several isolated networks.
What Is the Spanning Tree Protocol?
The Spanning Tree Protocol is a managed-switch protocol that prevents loops in a network with redundant links. IEEE 802.1D defines the Spanning Tree Protocol, and IEEE 802.1w defines the faster Rapid Spanning Tree Protocol. A managed switch blocks redundant paths so a broadcast frame cannot circulate endlessly.
What Is a Power over Ethernet Switch?
A Power over Ethernet switch is a switch that delivers electrical power and data over the same Ethernet cable to connected devices. The IEEE 802.3af standard supplies up to 15.4 watts per port, IEEE 802.3at supplies up to 30 watts, and IEEE 802.3bt supplies up to 90 watts.
A PoE switch powers IP cameras, wireless access points, and IP phones without a separate power supply at each device. A wireless access point that draws power from a PoE port, the access point that adds Wi-Fi coverage, mounts where no outlet exists.
What Are Switch Port Counts and Speeds?
A network switch port count ranges from 5 ports on small desktop units to 48 ports on rack-mounted units, and port speeds follow the IEEE 802.3 Ethernet rates. Common port speeds are 100 Mbps Fast Ethernet, 1 Gbps Gigabit Ethernet, 2.5 Gbps and 5 Gbps multi-gigabit, and 10 Gbps.
The cabling that carries these rates, defined under the Ethernet wiring standard, sets the maximum speed each port reaches. A switch port negotiates the highest speed both ends support through Auto-Negotiation in IEEE 802.3.
What Is the Difference Between a Switch and a Router?
A network switch forwards frames inside one network by MAC address, while a router forwards packets between networks by IP address. A switch operates at Layer 2, and a router operates at Layer 3. A switch builds the local network, and a router connects that network to other networks and the internet.
The full distinction between the two devices appears in the comparison of a switch against a router. A home router includes a small built-in switch, which is why both devices appear together in many networks.
What Is a Layer 3 Switch?
A Layer 3 switch is a switch that adds IP routing to the standard Layer 2 frame forwarding. A Layer 3 switch forwards frames by MAC address within a VLAN and routes packets by IP address between VLANs, combining both functions in one device. The routing happens in hardware ASICs, so a Layer 3 switch routes between local VLANs faster than a traditional router.
Cisco documentation describes Layer 3 switches as the aggregation layer in campus networks. A Layer 3 switch does not replace an edge router, because it lacks WAN interfaces and the dynamic protocols that connect to the internet.
What Is Switch Latency and Switching Method?
Switch latency is the delay a switch adds between receiving a frame and forwarding it, and the switching method sets that delay. The two main methods are listed below.
- Store-and-forward switching reads the entire frame, verifies the frame check sequence, then forwards it, which catches errors at the cost of higher latency.
- Cut-through switching forwards a frame as soon as it reads the destination MAC address, which lowers latency but passes corrupted frames through.
Most managed switches default to store-and-forward, because the error check prevents the spread of damaged frames across a network. Latency on a Gigabit store-and-forward switch typically measures a few microseconds per frame.
How Do You Choose a Network Switch?
A network switch must match the device count, the required speed, and the configuration level a network needs. The selection factors are listed below.
- Port count must exceed the current wired device count, with spare ports for growth, because a switch cannot add ports after purchase.
- Port speed must match the devices and uplink, since a Gigabit switch caps a network at 1 Gbps while a multi-gigabit switch reaches 2.5, 5, or 10 Gbps.
- Management level decides between an unmanaged switch for plug-and-play use and a managed switch for VLANs, QoS, and monitoring.
- PoE budget must cover the powered devices, because a switch lists a total wattage shared across all PoE ports under IEEE 802.3af, 802.3at, or 802.3bt.
A switch sized below the device count forces a second switch and an uplink port, which reduces the usable port total.
What Is a Stackable Switch?
A stackable switch is a switch that joins other switches through a dedicated high-speed stacking link to act as one logical device. A stack shares one management address and one configuration, so an administrator manages several physical switches as a single unit. Cisco and other vendors connect stack members through rear stacking ports that run far faster than standard uplinks.
A stack distributes the Spanning Tree calculation and forwarding across members, which raises port density without adding management points. A stackable switch suits wiring closets where port counts exceed a single chassis.
Key Takeaways
- A network switch forwards Ethernet frames by destination MAC address at Layer 2 within a LAN.
- A MAC address table maps each address to a port, so a switch forwards unicast traffic to one port.
- Full-duplex operation lets each device send and receive at once without collisions.
- Unmanaged switches need no configuration, while managed switches add VLANs, QoS, and Spanning Tree.
- PoE switches deliver up to 90 watts per port under IEEE 802.3bt to power cameras and access points.
What does a network switch do?
A network switch connects devices within a LAN and forwards Ethernet frames by destination MAC address, sending each frame only to the port that reaches its target.
What is the difference between a switch and a hub?
A switch forwards each frame only to the destination port at Layer 2, while a hub repeats every frame to all ports at Layer 1 in one shared collision domain.
What is a managed switch?
A managed switch adds configuration through a web interface, console, or SNMP, supporting VLANs, QoS, port mirroring, and the Spanning Tree Protocol defined in IEEE 802.1D.
What is a PoE switch?
A PoE switch delivers power and data over one Ethernet cable, supplying up to 15.4, 30, or 90 watts per port under IEEE 802.3af, 802.3at, and 802.3bt.
Is a switch the same as a router?
No. A switch forwards frames inside one network by MAC address at Layer 2, while a router forwards packets between networks by IP address at Layer 3.
How many ports does a network switch have?
A network switch commonly provides 5, 8, 16, 24, or 48 Ethernet ports, with desktop units at the low end and rack-mounted units at the high end.
Last Thoughts on Network Switches
A network switch builds the wired core of a local area network by forwarding frames to the exact port that reaches each device. The MAC address table and full-duplex operation give a switch collision-free forwarding that a hub cannot match. Unmanaged switches add ports with no setup, while managed switches add VLANs, QoS, and loop prevention through the Spanning Tree Protocol.
PoE switches power cameras and access points over the data cable. Port counts and IEEE 802.3 speeds size a switch to a network. Readers separating roles can compare switch forwarding against router forwarding and review the hub that a switch replaced to place each device correctly.
