An Ethernet switch uses the same logic as a transparent bridge, but performs more functions, has more
features, and has more physical ports. Switches use hardware to learn MAC addresses and to make
forwarding and filtering decisions, whereas bridges use software.
A switch listens for frames that enter all its interfaces. After receiving a frame, a switch decides whether to
forward a frame and out which port(s). To perform these functions, switches perform three tasks:
• Learning, which means that the switch learns MAC addresses by examining the source MAC address of
each frame the bridge receives. Switches dynamically learn the MAC addresses in the network to build
its MAC address table. With a full, accurate MAC address table, the switch can make accurate
forwarding and filtering decisions. Switches build the MAC address table by listening to incoming
frames and examining the frame's source MAC address. If a frame enters the switch, and the source
MAC address is not in the address table, the switch creates an entry in the table. The MAC address is
placed in the table, along with the interface in which the frame arrived. This allows the switch to make
good forwarding choices in the future. Switches also forward unknown unicast frames, which are frames
whose destination MAC addresses are not yet in the bridging table, out all ports, which is called
flooding, with the hope that the unknown device will be on some other Ethernet segment and will reply.
When the unknown device does reply, the switch will build an entry for that device in the address table
• Forwarding or filtering, which means that the switch decides when to forward a frame or when to filter
it, i.e., not to forward it, based on the destination MAC address. Switches reduce network overhead by
forwarding traffic from one segment to another only when necessary. To decide whether to forward a
frame, the switch uses a dynamically built table called a bridge table or MAC address table. The
switch looks at the previously learned MAC addresses in an address table to decide where to forward the
frames.
• Loop prevention, which means that the switch creates a loop-free environment with other bridges by
using Spanning Tree Protocol (STP). Having physically redundant links helps LAN availability, and
STP prevents the switch logic from letting frames loop around the network indefinitely, congesting the
LAN.
Frames sent to unicast addresses are destined for a single device; frames sent to a broadcast address are sent
to all devices on the LAN. Frames sent to multicast addresses are meant for all devices that care to receive
the frame. Thus, when a switch receives a frame, it checks if the address is a unicast address, a broadcast
address or a multicast address. If the address is unicast, and the address is in the address table, and if the
interface connecting the switch to the destination device is not the same interface on which the frame arrived,
the switch forwards the frame to the destination device. If the address is not in the address table, the switch
forwards the frame on all ports. If the address is a broadcast or multicast address, the switch also forwards
the frame on all ports.
The internal processing on a switch can decrease latency for frames. Switches can use store-and-forward
processing as well as cut-through processing logic. With cut-through processing, the first bits of the frame
are sent out the outbound port before the last bit of the incoming frame is received. However, because the
frame check sequence (FCS) is in the Ethernet trailer, a cut-through forwarded frame might have bit errors
that the switch will not notice before sending most of the frame.