
Ethernet segment switching technology was introduced by Kalpana in 1990 in response to the growing need for increased bandwidth between high-performance servers and workstation segments.

The block diagram of the EtherSwitch switch proposed by Kalpana is shown in Fig. 4.23.

Fig. 4.23. Structure of the Kalpana EtherSwitch

Each of the 8 10Base-T ports is served by one Ethernet packet processor - EPP (Ethernet Packet Processor). In addition, the switch has a system module that coordinates the operation of all EPP processors. The system module maintains the general address table of the switch and provides management of the switch via the SNMP protocol. To transfer frames between ports, a switch fabric is used, similar to those found in telephone switches or multiprocessor computers, connecting multiple processors to multiple memory modules.

The switching matrix operates on the principle of circuit switching. For 8 ports, the matrix can provide 8 simultaneous internal channels when the ports operate in half-duplex mode and 16 in full-duplex mode, when the transmitter and receiver of each port operate independently of each other.

When a frame arrives at any port, the EPP processor buffers the first few bytes of the frame to read the destination address. After receiving the destination address, the processor immediately decides to transmit the packet, without waiting for the remaining bytes of the frame to arrive. To do this, it looks through its own address table cache, and if it does not find the required address there, it turns to the system module, which operates in multitasking mode, servicing requests from all EPP processors in parallel. The system module scans the general address table and returns the found line to the processor, which it buffers in its cache for later use.

After finding the destination address, the EPP processor knows what to do next with the incoming frame (while looking through the address table, the processor continued to buffer the frame bytes arriving at the port). If a frame needs to be filtered, the processor simply stops writing frame bytes to the buffer, clears the buffer, and waits for a new frame to arrive.

If the frame needs to be transmitted to another port, then the processor accesses the switching matrix and tries to establish a path in it that connects its port with the port through which the route to the destination address goes. The switching fabric can only do this if the port of the destination address is free at that moment, that is, not connected to another port.

If the port is busy, then, as in any circuit-switched device, the matrix refuses the connection. In this case, the frame is completely buffered by the input port processor, after which the processor waits for the output port to become free and for the switching matrix to form the required path.

Once the desired path is established, the buffered bytes of the frame are sent to it and received by the output port processor. As soon as the output port processor accesses the Ethernet segment connected to it using the CSMA/CD algorithm, the frame bytes immediately begin to be transmitted to the network. The input port processor permanently stores several bytes of the received frame in its buffer, which allows it to independently and asynchronously receive and transmit frame bytes (Figure 4.24).

Fig. 4.24. Frame transmission through switch fabric

When the output port was free at the time of frame reception, the delay between the reception of the first byte of the frame by the switch and the appearance of the same byte at the output of the destination address port was only 40 μs for the Kalpana switch, which was much less than the delay of the frame when it was transmitted by a bridge.

The described method of transmitting a frame without completely buffering it is called “on-the-fly” or “cut-through” switching. This method is, in fact, pipeline processing of a frame, when several stages of its transmission are partially combined in time (Fig. 4.25).

Fig. 4.25. Time savings from pipelined frame processing: a - pipelined processing; b - normal processing with full buffering

1. Reception of the first bytes of the frame by the input port processor, including reception of the destination address bytes.

2. Search for the destination address in the switch’s address table (in the processor cache or in the general table of the system module).

3. Matrix switching.

4. Reception of the remaining bytes of the frame by the input port processor.

5. Reception of frame bytes (including the first) by the output port processor through the switching matrix.

6. Gaining access to the medium by the output port processor.

7. Transmission of frame bytes by the output port processor to the network.

Stages 2 and 3 cannot be combined in time, since without knowing the output port number, the matrix switching operation does not make sense.

Compared to the full frame buffering mode, also shown in Fig. 4.25, the savings from pipelining are noticeable.

However, the main reason for improved network performance when using a switch is the parallel processing of multiple frames.

This effect is illustrated in Fig. 4.26. The figure shows an ideal situation in terms of performance gain, when four of the eight ports transmit data at the maximum Ethernet speed of 10 Mb/s to the remaining four ports of the switch without conflicts: the data flows between network nodes are distributed so that each frame-receiving port has its own output port. If the switch manages to process input traffic even at the maximum intensity of frames arriving at the input ports, then the overall performance of the switch in this example will be 4*10 = 40 Mbit/s, and, generalizing the example to N ports, (N/2)*10 Mbit/s. A switch is said to provide each station or segment connected to its ports with dedicated protocol bandwidth.

Naturally, the situation shown in Fig. 4.26 does not always occur in a network. If two stations, for example the stations connected to ports 3 and 4, simultaneously need to write data to the same server connected to port 8, then the switch will not be able to allocate a 10 Mbit/s data stream to each station, since port 8 cannot transmit data at 20 Mbps. The stations' frames will wait in the internal queues of input ports 3 and 4 until port 8 is free to transmit the next frame. Obviously, a good solution for this distribution of data flows would be to connect the server to a higher speed port, such as Fast Ethernet.

Fig. 4.26. Parallel frame transmission by switch

Since the main advantage of a switch, thanks to which it has gained very good positions in local networks, is its high performance, switch developers are trying to produce so-called non-blocking switch models.

A non-blocking switch is one that can transmit frames through its ports at the same rate as they arrive at them. Naturally, even a non-blocking switch cannot resolve over a long period of time situations like the one described above, when frames are blocked due to the limited speed of the output port.

Usually what is meant is a stable non-blocking mode of operation, in which the switch transmits frames at their arrival rate for an arbitrary period of time. To ensure such a mode, it is naturally necessary to distribute frame flows across the output ports so that they can cope with the load and the switch can always, on average, transmit as many frames to the outputs as arrived at the inputs. If the input frame stream (summed over all ports) on average exceeds the output frame stream (also summed over all ports), then the frames will accumulate in the switch’s buffer memory, and if its capacity is exceeded, they will simply be discarded. To ensure non-blocking mode of the switch, it is sufficient to satisfy a fairly simple condition:

Ck = (∑ Cpi)/2,

where Ck is the performance of the switch, Cpi is the maximum performance of the protocol supported by the i-th port of the switch. The total performance of the ports takes into account each passing frame twice - as an incoming frame and as an outgoing frame, and since in steady mode the input traffic is equal to the output traffic, the minimum sufficient switch performance to support non-blocking mode is equal to half the total port performance. If the port operates in half-duplex mode, for example Ethernet 10 Mbit/s, then the performance of the port Cpi is 10 Mbit/s, and if in full duplex, then its Cpi will be 20 Mbit/s.

The switch is sometimes said to support instant non-blocking mode. This means that it can receive and process frames from all its ports at the maximum speed of the protocols, regardless of whether the conditions of a stable balance between incoming and outgoing traffic are achieved. True, the processing of some frames may be incomplete - when the output port is busy, the frame is placed in the switch buffer. To support non-blocking instantaneous mode, the switch must have greater native performance, namely, it must be equal to the total performance of its ports:

It was no accident that the first switch for local networks appeared for Ethernet technology. In addition to the obvious reason associated with the greatest popularity of Ethernet networks, there was another, no less important reason: this technology suffers more than others from increasing latency for access to the medium as segment load increases. Therefore, Ethernet segments in large networks were the first to need a means of relieving network bottlenecks, and this means became switches from Kalpana, and then from other companies.

Some companies have begun to develop switching technology to improve the performance of other LAN technologies, such as Token Ring and FDDI. These switches supported both transparent bridging and source-routed bridging algorithms. The internal organization of switches from different manufacturers was sometimes very different from the structure of the first EtherSwitch, but the principle of parallel processing of frames on each port remained unchanged.

The widespread use of switches was undoubtedly facilitated by the fact that the introduction of switching technology did not require replacement of equipment installed in networks - network adapters, hubs, cable systems. The switch ports operated in normal half-duplex mode, so it was possible to transparently connect both an end node and a hub organizing an entire logical segment to them.

Since switches and bridges are transparent to network layer protocols, their appearance on the network did not have any impact on the network routers, if any were present.

The convenience of using the switch also lies in the fact that it is a self-learning device and, if the administrator does not load it with additional functions, it is not necessary to configure it - you just need to correctly connect the cable connectors to the switch ports, and then it will work independently and effectively perform its task of increasing network performance.




Now, in a time of all kinds of gadgets and electronic devices that fill the living environment of an ordinary person, the urgent problem is how to link all these smart devices with each other. Almost every apartment has a TV, computer/laptop, printer, scanner, sound system, and I want to somehow coordinate them, rather than carrying endless amounts of information between them on flash drives or getting tangled up in endless kilometers of wires. The same situation applies to offices with a considerable number of computers and MFPs, or to other systems where you need to link different members of the electronic community into one system. This is where the idea of building a local network arises. And the basis of a well-organized and structured local network is a network switch.



DEFINITION

Switch - a device that connects several smart devices into a local network for data exchange. When information is received on one of the ports, it transmits it further to another port, based on the switching table, or MAC address table. The table is filled in not by the user but by the switch itself during operation: during the first data transfer session the table is empty, and initially the switch relays the incoming information to all its ports. But in the process of operation, it remembers the paths of information, records them in its table, and in subsequent sessions sends the information to a specific address. The table size can include from 1000 to 16384 addresses.

Other devices are also used to build local networks - concentrators (hubs) and routers (routers). Right away, in order to avoid confusion, it is worth pointing out the differences between them and the switch.

Concentrator (aka hub) - the progenitor of the switch. The time of using hubs is actually a thing of the past, due to the following inconvenience: if information came to one of the hub ports, it immediately relayed it to others, “clogging” the network with excess traffic. They are still found occasionally; however, among modern network equipment they look like self-propelled carriages of the early 20th century among modern electric cars.

Routers - devices with which switches are often confused because of their similar appearance, but they have a wider range of operating capabilities, and therefore a higher cost. These are a kind of network microcomputers with which you can fully configure the network by registering all device addresses in it and applying logical operating algorithms - for example, network protection.

Switches and hubs are most often used to organize local networks, routers are used to organize a network connected to the Internet. However, it should be noted that now the boundaries between switches and routers are gradually blurring - switches are being produced that require configuration and work with registered addresses of local network devices. They can function as routers, but they are usually expensive devices not for home use.
The simplest and cheapest configuration option for a medium-sized home local network (with more than 5 objects), with an Internet connection, will contain both a switch and a router:

FEATURES OF THE WORK

When purchasing a switch, you need to clearly understand why you need it, how you will use it, and how you will maintain it. To choose a device that best suits your goals and not overpay, let’s consider the main parameters of switches:
  • Switch type – managed, unmanaged and customizable.
  1. Unmanaged switches – do not support network management protocols. They are the simplest, do not require special settings, and are inexpensive: from 440 to 2990 rubles. The optimal solution for a small local network. Even a person who is far from these matters can handle assembling a local network based on them - you just need to buy the switch itself and cables of the required length to connect the equipment (preferably in the form of a patch cord, i.e. assembled “with plugs”; before purchasing, don’t forget to inspect the equipment to which the cable will be connected and clarify what type of connector you will need), and assemble the network itself. The simplest setup is described in the documentation for the device.
  2. Managed switches - support network management protocols, have a more complex design, and offer wider functionality: using a WEB interface or specialized programs, they can be managed by specifying the parameters of the network connected to them, the priorities of individual devices, etc. It is this type of switch that can replace routers. The price for such devices ranges from 2,499 to 14,490 rubles. This type of switch is of interest for specialized local networks - video surveillance, industrial network, office network.
  3. Configurable switches are devices that support some settings (for example, configuring VLANs (creating subgroups)), but are still in many ways inferior to managed switches. Configurable switches can be either managed or unmanaged.
  • Switch placement – can be of three types:
  1. Desktop - a compact device that can simply be placed on a table;
  2. Wall-mounted - a small device that, as a rule, can be placed both on a table and on a wall - special grooves/mounts are provided for the latter;
  3. Rack-mountable – A device with slots provided for rack-mounting network equipment, but which typically can also be placed on a desk.
  • Basic data rate – the speed at which each of the device ports operates. As a rule, several numbers are indicated in the switch parameters, for example: 10/100 Mbit/s - this means that the port can operate at speeds of 10 Mbit/s and 100 Mbit/s, automatically adjusting to the speed of the data source. Models with basic speed are presented:
  • Total number of switch ports – one of the main parameters; in principle, it is the one that most influences the configuration of the local network, because it determines how much equipment you can connect. The range is from 5 to 48 ports. Switches with a number of ports of 5-15 are most interesting for building a small home network; devices with a number of ports from 15 to 48 are aimed at more serious configurations.

  • Number of ports with a speed of 100 Mbit/s – ports supporting speeds of 100 Mbit/s, sometimes up to 48;
  • Number of ports with a speed of 1 Gbit/s – ports supporting speeds of 1 Gbit/s – which is especially important for high-speed data transfer, up to 48;
  • PoE support – if such a parameter exists, it means that a device connected to a port with this option can be powered via a network cable (twisted pair), without any influence on the transmitted information signal. The function is especially attractive for connecting devices to which it is undesirable or impossible to connect an additional power cable - for example, for WEB cameras.
  • SFP ports – switch ports for communication with higher-level devices, or with other switches. Compared with ordinary ports, they can support data transmission over longer distances (a standard port with an RJ-45 connector and a connected twisted pair cable supports transmission within 100 m). This port is not equipped with a transceiver; it is only a slot to which you can connect an SFP module, which is an external transceiver for connecting the required cable - optical or twisted pair.

  • Packet service speed – a characteristic indicating equipment performance, measured in millions of packets per second (Mpps). As a rule, packets of 64 bytes are meant (to be specified by the manufacturer). The value of this characteristic of various devices ranges from 1.4 to 71.4 Mpps.

AREA OF APPLICATION


The scope of application of switches is wide, the most common areas of application are:
  • small home local network, including, for example, several computers, a printer, a TV and a stereo system (provided that all equipment supports a network connection);

The switch is one of the most important devices used in building a local network. In this article we will talk about what switches are and focus on the important characteristics that need to be taken into account when choosing a local network switch.

First, let's look at the general block diagram to understand what place the switch occupies in the enterprise local network.

The picture above shows the most common block diagram of a small local network. As a rule, access switches are used in such local networks.

Access switches are directly connected to end users, providing them with access to local network resources.

However, in large local networks, switches perform the following functions:


Network access level. As mentioned above, access switches provide connection points for end-user devices. In large local networks, access switches do not communicate with each other directly; their frames are transmitted through distribution switches.

Distribution level. Switches at this layer forward traffic between access switches, but do not interact with end users.

Core level. Devices of this type combine data transmission channels from distribution level switches in large territorial local networks and provide very high-speed switching of data streams.

Switches are:

Unmanaged switches. These are ordinary autonomous devices on a local network that manage data transmission independently and cannot be additionally configured. Due to ease of installation and low price, they are widely used for installation at home and in small businesses.

Managed Switches. More advanced and expensive devices. They allow the network administrator to independently configure them for specified tasks.

Managed switches can be configured in one of the following ways:

  • Via console port
  • Via WEB interface
  • Via Telnet
  • Via SNMP protocol
  • Via SSH

Switch levels


All switches can be divided by OSI model level. The higher this level, the greater the capabilities of the switch; however, its cost will be significantly higher.

Layer 1 switches. This level includes hubs, repeaters and other devices operating at the physical level. These devices were present at the dawn of the development of the Internet and are currently not used on the local network. Having received a signal, a device of this type simply transmits it further to all ports except the sender port.

Layer 2 switches. This level includes unmanaged and some managed switches working at the link level of the OSI model. Second-level switches work with frames: a stream of data divided into portions. Having received a frame, the layer 2 switch reads the sender's address from the frame and enters it into its table of MAC addresses, matching this address to the port on which it received this frame. Thanks to this approach, Layer 2 switches forward data only to the destination port, without creating excess traffic on other ports. Layer 2 switches don't understand IP addresses, which are located at the third (network) level of the OSI model, and work only at the link level.

Layer 2 switches support the most common protocols such as:

IEEE 802.1q or VLAN virtual local networks. This protocol allows you to create separate logical networks within the same physical network.


For example, devices connected to the same switch but located in different VLANs will not see each other and will be able to transmit data only in their own broadcast domain (devices from the same VLAN). The computers in the figure above will be able to transmit data between themselves only through a device operating at the third level with IP addresses: a router.

IEEE 802.1p (Priority tags). This protocol is natively present in the IEEE 802.1q protocol and is a 3-bit field from 0 to 7. This protocol allows you to mark and sort all traffic by importance by setting priorities (maximum priority 7). Frames with higher priority will be forwarded first.

IEEE 802.1d Spanning tree protocol (STP). This protocol builds a local network in the form of a tree structure to avoid network loops and prevent the formation of a network storm.


Let's say the local network is installed in the form of a ring to increase the fault tolerance of the system. The switch with the highest priority in the network is selected as the root switch. In the example above, SW3 is the root. Without delving into protocol execution algorithms, switches calculate the path with the maximum cost and block it. For example, in our case, the shortest path from SW3 to SW1 and SW2 will be through its own designated ports (DP) Fa 0/1 and Fa 0/2. In this case, the default path cost for the 100 Mbit/s interface will be 19. Interface Fa 0/1 of the local network switch SW1 is blocked because the total path cost will be the sum of two transitions between 100 Mbit/s interfaces: 19+19=38.

If the working route is damaged, the switches will recalculate the path and unblock this port.

IEEE 802.1w Rapid spanning tree protocol (RSTP). An enhanced version of the 802.1d standard, which has higher stability and a shorter recovery time of the communication line.

IEEE 802.1s Multiple spanning tree protocol. The latest version, taking into account all the shortcomings of the STP and RSTP protocols.

IEEE 802.3ad Link aggregation for parallel links. This protocol allows you to combine ports into groups. The total speed of such an aggregated group will be the sum of the speeds of each port in it. The maximum speed is determined by the IEEE 802.3ad standard and is 8 Gbit/s.


Layer 3 switches. These devices are also called multiswitches since they combine the capabilities of switches operating at the second level and routers operating with IP packets at the third level. Layer 3 switches fully support all the features and standards of Layer 2 switches. Network devices can be accessed using IP addresses. A layer 3 switch supports the establishment of various connections: L2TP, PPTP, PPPoE, VPN, etc.

Layer 4 switches. L4 devices operate at the transport layer of the OSI model. They are responsible for ensuring the reliability of data transmission. These switches can, based on information from the packet headers, identify which application the traffic belongs to and make decisions about rerouting such traffic based on this information. The name of such devices is not settled; sometimes they are called smart switches, or L4 switches.

Main characteristics of switches

Number of ports. Currently, there are switches with the number of ports from 5 to 48. The number of network devices that can be connected to a given switch depends on this parameter.

For example, when building a small local network of 15 computers, we will need a switch with 16 ports: 15 for connecting end devices and one for installing and connecting a router to access the Internet.

Data transfer rate. This is the speed at which each switch port operates. Typically speeds are specified as follows: 10/100/1000 Mbit/s. The speed of the port is determined during auto negotiation with the end device. On managed switches, this parameter can be configured manually.

For example: a PC client device with a 1 Gbps network card is connected to a switch port with an operating speed of 10/100 Mbps. As a result of auto-negotiation, the devices agree to use the maximum possible speed of 100 Mbps.

Auto port negotiation between full-duplex and half-duplex. Full-duplex: data transfer is carried out simultaneously in two directions. Half-duplex: data transmission is carried out first in one direction, then in the other direction, sequentially.

Internal fabric bandwidth. This parameter shows the overall speed at which the switch can process data from all ports.

For example: on a local network there is a switch with 5 ports operating at a speed of 10/100 Mbit/s. In the technical specifications, the switching matrix parameter is 1 Gbit/s. This means that each port in full-duplex mode can operate at a speed of 200 Mbit/s (100 Mbit/s reception and 100 Mbit/s transmission). Let's assume that the parameter of this switching matrix is less than the specified one. This means that during peak loads, the ports will not be able to operate at the declared speed of 100 Mbit/s.

Auto MDI/MDI-X cable type negotiation. This function allows the switch to determine which of the two schemes, EIA/TIA-568A or EIA/TIA-568B, was used to crimp the twisted pair. When installing local networks, the EIA/TIA-568B scheme is most widely used.


Stacking is the combination of several switches into one single logical device. Different switch manufacturers use their own stacking technologies; for example, Cisco uses StackWise stacking technology with a 32 Gbps bus between switches and StackWise Plus with a 64 Gbps bus between switches.

For example, this technology is relevant in large local networks, where it is necessary to connect more than 48 ports on the basis of one device.


Mounting for 19" rack. In home environments and small local networks, switches are often installed on flat surfaces or mounted on the wall, but the presence of so-called “ears” is necessary in larger local networks where active equipment is located in server cabinets.

MAC address table size. A switch is a device operating at level 2 of the OSI model. Unlike a hub, which simply redirects the received frame to all ports except the sender port, the switch learns: it remembers the MAC address of the sender's device, entering it, the port number and the lifetime of the entry into the table. Using this table, the switch does not forward the frame to all ports, but only to the recipient port. If the number of network devices in the local network is significant and the table is full, the switch begins to overwrite older entries in the table and writes new ones, which significantly reduces the speed of the switch.

Jumbo Frame. This feature allows the switch to handle larger packet sizes than those defined by the Ethernet standard. After each packet is received, some time is spent processing it. When using an increased packet size using Jumbo Frame technology, you can save on packet processing time in networks that use data transfer rates of 1 Gb/sec and higher. At a lower speed there is no big gain.
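The learning and overwrite behaviour described above can be modelled in a few lines. This is an added example, not code from the original article or from any switch vendor; the class name, table size, aging time and MAC addresses are constructed for illustration.

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Toy layer-2 switch: learns source MACs, forwards by destination MAC."""

    def __init__(self, ports, table_size, max_age):
        self.ports = list(ports)
        self.table_size = table_size   # maximum number of MAC entries
        self.max_age = max_age         # lifetime of an entry, in seconds
        self.table = OrderedDict()     # mac -> (port, last_seen), oldest first
        self.evictions = 0             # entries overwritten because the table was full
        self.unknown_floods = 0        # unicast frames flooded for lack of an entry

    def _expire(self, now):
        # Drop entries whose lifetime has run out.
        stale = [m for m, (_, seen) in self.table.items() if now - seen > self.max_age]
        for mac in stale:
            del self.table[mac]

    def _learn(self, mac, port, now):
        if mac in self.table:
            del self.table[mac]                 # refresh: move to the newest position
        elif len(self.table) >= self.table_size:
            self.table.popitem(last=False)      # table full: overwrite the oldest entry
            self.evictions += 1
        self.table[mac] = (port, now)

    def receive(self, in_port, src, dst, now):
        """Return the list of ports the frame is sent out of."""
        self._expire(now)
        self._learn(src, in_port, now)
        if dst == BROADCAST:
            return [p for p in self.ports if p != in_port]
        entry = self.table.get(dst)
        if entry is None:                       # unknown destination: behave like a hub
            self.unknown_floods += 1
            return [p for p in self.ports if p != in_port]
        out_port = entry[0]
        return [] if out_port == in_port else [out_port]   # same segment: filter


def demo():
    """Constructed scenario: two stations talk, then the 4-entry table overflows."""
    sw = LearningSwitch(ports=[1, 2, 3, 4], table_size=4, max_age=300)
    a, b = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"
    out = {}
    out["first"] = sw.receive(1, a, b, now=0)      # b not learned yet: flooded
    out["reply"] = sw.receive(2, b, a, now=1)      # a is known: one port
    out["learned"] = sw.receive(1, a, b, now=2)    # b is known: one port
    for i in range(4):                             # four more stations behind port 3
        sw.receive(3, f"cc:cc:cc:cc:cc:{i:02x}", BROADCAST, now=3 + i)
    out["after_overflow"] = sw.receive(1, a, b, now=10)   # b was overwritten: flooded again
    out["evictions"] = sw.evictions
    out["unknown_floods"] = sw.unknown_floods
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The `evictions` and `unknown_floods` counters correspond to what an administrator would watch on a real switch to tell whether the address table is too small for the segment.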

Switching modes. In order to understand the principle of operation of switching modes, first consider the structure of the frame transmitted at the data link level between the network device and the switch on the local network:


As can be seen from the picture:

  • First comes the preamble signaling the start of frame transmission,
  • Then the destination MAC address (DA) and the sender's MAC address (SA)
  • Third level ID: IPv4 or IPv6 is used
  • Payload
  • And at the end the checksum FCS: a 4-byte CRC value used to detect transmission errors. It is calculated by the sending party and placed in the FCS field. The receiving party calculates this value independently and compares it with the received value.

Now let's look at the switching modes:

Store-and-forward. This switching mode saves the entire frame to a buffer and checks the FCS field, which is at the very end of the frame, and if the checksum of this field does not match, discards the entire frame. As a result, the likelihood of network congestion is reduced, since frames with errors can be discarded and packet transmission can be delayed. This technology is present in more expensive switches.

Cut-through. A simpler technology. In this case, frames can be processed faster, since they are not completely saved to the buffer. For analysis, data from the beginning of the frame up to and including the destination MAC address (DA) is stored in a buffer. The switch reads this MAC address and forwards the frame to the destination. The disadvantage of this technology is that the switch in this case forwards both runt packets with a length of less than 512 bit intervals and damaged packets, increasing the load on the local network.
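The difference between the two modes shows up when the same frames are pushed through both decision paths. This is an added example, not code from the original article; the MAC addresses, payload and forwarding table are constructed, and frames are modelled from the destination address to the FCS (without the preamble).

```python
import struct
import zlib

MIN_FRAME = 64   # bytes from DA through FCS, i.e. 512 bit intervals
FCS_LEN = 4


def build_frame(dst, src, ethertype, payload):
    """Assemble DA + SA + EtherType + payload, pad to the minimum size, append FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME - FCS_LEN, b"\x00")
    # Ethernet FCS is CRC-32 of the frame body, sent least significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def fcs_ok(frame):
    """Recompute the CRC over everything except the last 4 bytes and compare."""
    if len(frame) <= FCS_LEN:
        return False
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    return struct.pack("<I", zlib.crc32(body)) == fcs


def _lookup(frame, table):
    port = table.get(frame[:6])
    return ("forward", port) if port is not None else ("flood", None)


def cut_through(frame, table):
    """Decide as soon as the 6-byte destination address has arrived.
    The rest of the frame is streamed to the output port unchecked."""
    if len(frame) < 6:
        return ("drop", "no destination address")
    return _lookup(frame, table)


def store_and_forward(frame, table):
    """Buffer the whole frame, reject runts and FCS mismatches, then look up DA."""
    if len(frame) < MIN_FRAME:
        return ("drop", "runt")
    if not fcs_ok(frame):
        return ("drop", "bad FCS")
    return _lookup(frame, table)


def demo():
    dst = bytes.fromhex("02aabbccdd02")          # constructed addresses
    src = bytes.fromhex("02aabbccdd01")
    table = {dst: 2}                             # DA -> output port
    good = build_frame(dst, src, 0x0800, b"constructed payload")
    damaged = bytearray(good)
    damaged[20] ^= 0x01                          # single bit error in the payload
    damaged = bytes(damaged)
    runt = good[:20]                             # frame cut off, e.g. by a collision
    frames = {"good": good, "damaged": damaged, "runt": runt}
    return {
        name: {"cut_through": cut_through(f, table),
               "store_and_forward": store_and_forward(f, table)}
        for name, f in frames.items()
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```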

PoE technology support

Power over Ethernet technology allows you to power a network device over the same cable. This solution allows you to reduce the cost of additional installation of supply lines.

The following PoE standards exist:

PoE 802.3af supports equipment up to 15.4 W

PoE 802.3at supports equipment up to 30W

Passive PoE

PoE 802.3af/at have intelligent control circuits for supplying voltage to the device: before supplying power to the PoE device, the af/at standard source negotiates with it to avoid damage to the device. Passive PoE is much cheaper than the first two standards; power is directly supplied to the device via free pairs of the network cable without any coordination.

Characteristics of standards


The PoE 802.3af standard is supported by most low-cost IP cameras, IP phones and access points.

The PoE 802.3at standard is present in more expensive models of IP video surveillance cameras, where it is not possible to meet 15.4 W. In this case, both the IP video camera and the PoE source (switch) must support this standard.

Expansion slots. Switches may have additional expansion slots. The most common are SFP modules (Small Form-factor Pluggable). Modular, compact transceivers used for data transmission in a telecommunications environment.


SFP modules are inserted into a free SFP port of a router, switch, multiplexer or media converter. Although SFP Ethernet modules exist, the most common are fiber-optic modules, which are used to connect the main channel when transmitting data over long distances beyond the reach of the Ethernet standard. SFP modules are selected depending on distance and data transfer speed. The most common are dual-fiber SFP modules, which use one fiber for receiving and the other for transmitting data. However, WDM technology allows data transmission at different wavelengths over a single optical cable.

SFP modules are:

  • SX - 850 nm used with multimode optical cable over distances up to 550m
  • LX - 1310 nm is used with both types of optical cable (SM and MM) at a distance of up to 10 km
  • BX - 1310/1550 nm is used with both types of optical cable (SM and MM) at a distance of up to 10 km
  • XD - 1550 nm is used with single mode cable up to 40 km, ZX up to 80 km, EZ or EZX up to 120 km and DWDM

The SFP standard itself provides for data transmission at a speed of 1 Gbit/s, or at a speed of 100 Mbit/s. For faster data transfer, SFP+ modules were developed:

  • SFP+ data transfer at 10 Gbps
  • XFP data transfer at 10 Gbps
  • QSFP+ data transfer at 40 Gbps
  • CFP data transfer at 100 Gbps

However, at higher speeds, signals are processed at high frequencies. This requires greater heat dissipation and, accordingly, larger dimensions. Therefore, in fact, the SFP form factor is still preserved only in SFP+ modules.

Conclusion

Many readers have probably come across unmanaged switches and low-cost managed second-layer switches in small local networks. However, the choice of switches for building larger and technically complex local networks is best left to professionals.

Safe Kuban uses switches of the following brands when installing local networks:

Professional Solution:

Cisco

Qtech

Budget solution

D-Link

TP-Link

Tenda

Safe Kuban carries out installation, commissioning and maintenance of local networks in Krasnodar and the South of Russia.

In the vast majority of home local networks, only a wireless router is used as active equipment. However, if you need more than four wired connections, you will need to add a network switch (although today there are routers with seven to eight ports for clients). The second common reason for purchasing this equipment is more convenient network wiring. For example, you can install a switch near the TV, connect one cable from the router to it, and connect the TV itself, media player, game console and other equipment to other ports.

The simplest models of network switches have just a couple of key characteristics - the number of ports and their speed. Taking into account modern requirements and the development of the component base, we can say that unless you need to save money at any cost or have some specific requirements, it is worth buying models with gigabit ports. FastEthernet networks with a speed of 100 Mbps are of course still used today, but it is unlikely that their users will encounter the problem of a lack of ports on the router. Although, of course, this is also possible, if you recall the products of some well-known manufacturers with one or two ports for a local network. Moreover, it would be appropriate to use a gigabit switch here to increase the performance of the entire wired local network.

In addition, when choosing, you can also take into account the brand, material and design of the case, the implementation of the power supply (external or internal), the presence and location of indicators and other parameters. Surprisingly, the characteristic of operating speed, which is familiar to many other devices, in this case makes virtually no sense, as was recently published. In data transfer tests, models of completely different categories and prices show the same results.

In this article, we decided to briefly talk about what can be interesting and useful in “real” Level 2 switches. Of course, this material does not pretend to be the most detailed and in-depth presentation of the topic, but, hopefully, it will be useful to those who are faced with more serious tasks or requirements when building their local network in an apartment, house or office than installing a router and setting up Wi-Fi. In addition, many topics will be presented in a simplified format, reflecting only the main points in the interesting and varied topic of network packet switching.

Theory

First, let's remember how a “regular” network switch works.

This “box” is small in size, has several RJ45 ports for connecting network cables, a set of indicators and a power input. It works according to algorithms programmed by the manufacturer and does not have any user-accessible settings. The principle of “connect the cables - turn on the power - works” is used. Each device (more precisely, its network adapter) on the local network has a unique address - MAC address. It consists of six bytes and is written in the format "AA:BB:CC:DD:EE:FF" with hexadecimal digits. You can find it out programmatically or by looking at the information plate. Formally, this address is considered to be issued by the manufacturer at the production stage and is unique. But in some cases this is not the case (uniqueness is required only within the local network segment, and changing the address can be easily done in many operating systems). By the way, the first three bytes can sometimes reveal the name of the creator of the chip or even the entire device.

While in a global network (in particular the Internet) devices are addressed and packets are processed at the IP address level, within each individual local network segment MAC addresses are used for this. All devices on the same local network must have different MAC addresses. If this is not the case, there will be problems with the delivery of network packets and with network operation. Moreover, this low level of information exchange is implemented within the operating system network stacks and the user does not need to interact with it. In reality there are perhaps only a couple of common situations where a MAC address is used directly. For example, when replacing a router with a new device, you can specify the same MAC address for the WAN port that the old one had. The second option is to enable MAC address filters on the router to block access to the Internet or Wi-Fi.

A regular network switch allows you to combine several clients to exchange network traffic between them. Moreover, not only a single computer or other client device can be connected to each port, but also another switch with its own clients. Roughly, the switch’s operation looks like this: when a packet arrives at a port, the switch remembers the sender’s MAC and writes it into the “clients on this physical port” table; the recipient’s address is checked against the similar tables of the other ports, and if it is in one of them, the packet is sent to the corresponding physical port. Additionally, algorithms are provided for eliminating loops, searching for new devices, checking whether a device has changed a port, and others. To implement this scheme, no complex logic is required; everything works on fairly simple and inexpensive processors, so, as we said above, even low-end models are able to show maximum speeds.

Managed switches, sometimes called “smart” switches, are much more complex. They are able to use more information from network packets to implement more complex algorithms for processing them. Some of these technologies may also be useful for “high-end” or more demanding home users, as well as for solving some special tasks.

Second-level switches (Level 2, data link layer) are capable of taking into account, when switching packets, information contained within certain fields of network packets, in particular VLAN, QoS, multicast and some others. This is the option we will talk about in this article. More complex models of the third level (Level 3) can already be considered routers, since they operate with IP addresses and work with third-level protocols (in particular RIP and OSPF).

Note that there is no single universal, standard set of managed switch capabilities. Each manufacturer creates its own product lines based on its understanding of consumer requirements. So in each case it is worth paying attention to the specifications of a particular product and their compliance with the tasks set. Of course, there is no talk here of any “alternative” firmware with wider capabilities.

As an example, we use the Zyxel GS2200-8HP device. This model has been on the market for a long time, but is quite suitable for this article. Modern products in this segment from Zyxel generally provide similar capabilities. In particular, the current device of the same configuration is offered under the article number GS2210-8HP.

The Zyxel GS2200-8HP is an eight-port (24-port version available in the series) Level 2 managed gigabit switch that also includes PoE support and RJ45/SFP combo ports, as well as some higher-level switching features.

In terms of its format, it can be called a desktop model, but the package includes additional mounting hardware for installation in a standard 19″ rack. The body is made of metal. On the right side we see a ventilation grille, and on the opposite side two small fans are installed. At the back there is only a power cable input for the built-in power supply.

All connections, traditionally for such equipment, are made from the front side for ease of use in racks with patch panels. On the left there is an insert with the manufacturer's logo and the illuminated name of the device. Next are the indicators - power, system, alarm, status/activity and power LEDs for each port.

Next come the eight main network connectors, and after them two RJ45 ports and two SFP ports that duplicate them, with their own indicators. Such solutions are another characteristic feature of similar devices. Typically, SFP is used to connect optical communication lines. Their main difference from the usual twisted pair cable is the ability to operate over significantly longer distances - up to tens of kilometers.

Because different types of physical lines can be used here, the switch itself has only SFP standard ports, into which special transceiver modules must be additionally installed, and optical cables are connected to those. At the same time, the resulting ports do not differ in their capabilities from the others, except, of course, for the lack of PoE support. They can also be used in port trunking mode, in scenarios with VLANs and with other technologies.

The console serial port completes the description. It is used for servicing and other operations. In particular, we note that there is no reset button of the kind typical for home equipment. In difficult cases of loss of control, you will have to connect via the serial port and reload the entire configuration file in debugging mode.

The solution supports administration via the Web and command line, firmware updates, 802.1x protocol to protect against unauthorized connections, SNMP for integration into monitoring systems, packets with a size of up to 9216 bytes (Jumbo Frames) to increase network performance, second-layer switching services, stacking capabilities for ease of administration.

Of the eight main ports, half support PoE+ with up to 30 W per port, and the remaining four support PoE with 15.4 W. The maximum power consumption is 230 W, of which up to 180 W can be supplied via PoE.

The electronic version of the user manual has more than three hundred pages. So the functions described in this article represent only a small part of the capabilities of this device.

Management and control

Unlike simple network switches, “smart” ones have tools for remote configuration. Their role is most often played by the familiar Web interface, and for “real administrators” access to the command line with its own interface via telnet or ssh is provided. A similar command line can be obtained through a connection to the serial port on the switch. In addition to habit, working with the command line has the advantage of convenient automation using scripts. There is also support for the FTP protocol, which allows you to quickly download new firmware files and manage configurations.

For example, you can check the status of connections, manage ports and modes, allow or deny access, and so on. In addition, this option is less demanding on bandwidth (requires less traffic) and the equipment used for access. But in the screenshots, of course, the Web interface looks more beautiful, so in this article we will use it for illustrations. Security is provided by a traditional administrator username/password, there is support for HTTPS, and you can also configure additional restrictions on access to switch management.

Note that, unlike many home devices, the interface has an explicit button for saving the current switch configuration to its non-volatile memory. Also on many pages you can use the Help button to call up contextual help.

Another option for monitoring the operation of the switch is to use the SNMP protocol. Using specialized programs, you can obtain information about the hardware status of the device, such as temperature or loss of a link on a port. For large projects, it will be useful to implement a special mode for managing several switches (a cluster of switches) from a single interface - Cluster Management.

The minimum initial steps to start up the device typically include updating the firmware, changing the administrator password, and configuring the switch's own IP address.

In addition, it is usually worth paying attention to options such as network name, synchronization of the built-in clock, sending the event log to an external server (for example, Syslog).

When planning the network layout and switch settings, it is recommended to calculate and think through all the points in advance, since the device does not have built-in controls for blocking and contradictions. For example, if you “forget” that you previously configured port aggregation, then VLANs with their participation may behave completely differently than required. Not to mention the possibility of losing connection with the switch, which is especially unpleasant when connecting remotely.

One of the basic “smart” functions of switches is support for network port aggregation technologies. Also used for this technology are terms such as trunking, bonding, and teaming. In this case, clients or other switches are connected to this switch not with one cable, but with several at once. Of course, this requires having several network cards on your computer. Network cards can be either separate or made in the form of a single expansion card with several ports. Typically in this scenario we are talking about two or four links. The main tasks solved in this way are increasing the speed of the network connection and increasing its reliability (duplication). A switch can support several such connections at once, depending on its hardware configuration, in particular, the number of physical ports and processor power. One option is to connect a pair of switches in this way, which will increase the overall network performance and eliminate bottlenecks.

To implement the scheme, it is advisable to use network cards that explicitly support this technology. But in general, port aggregation can be implemented at the software level. This technology is most often implemented through the open LACP/802.3ad protocol, which is used to monitor the status of links and manage them. But there are also proprietary options from individual vendors.

At the client operating system level, after appropriate configuration, a new standard network interface usually simply appears, which has its own MAC and IP addresses, so that all applications can work with it without any special actions.

Fault tolerance is ensured by having multiple physical connections between devices. If the connection fails, traffic is automatically redirected along the remaining links. Once the line is restored, it will start working again.

As for increasing speed, the situation here is a little more complicated. Formally, we can assume that productivity is multiplied according to the number of lines used. However, the real increase in data reception and transmission speed depends on specific tasks and applications. In particular, if we are talking about such a simple and common task as reading files from a network storage device on a computer, then it will not gain anything from combining ports, even if both devices are connected to the switch by several links. But if port trunking is configured on a network storage device and several “regular” clients access it simultaneously, then this option will already receive a significant gain in overall performance.
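Why a single file copy gains nothing while several clients do can be shown with a small model. The Python sketch below is an added example, not taken from the article or from any switch firmware; it assumes a distribution scheme based on the XOR of source and destination MAC addresses (the scheme actually used depends on the device settings) and uses constructed MAC addresses and traffic figures.

```python
from collections import defaultdict

LINK_CAPACITY_MBPS = 1000  # each physical link in the group is gigabit


def mac_to_int(mac: str) -> int:
    return int(mac.replace(":", ""), 16)


def pick_link(src_mac: str, dst_mac: str, n_links: int) -> int:
    """Assumed distribution scheme: XOR of source and destination MAC, modulo
    the number of links. Every frame of one src/dst pair gets the same link,
    which keeps the frames of a flow in order."""
    return (mac_to_int(src_mac) ^ mac_to_int(dst_mac)) % n_links


def delivered_mbps(flows, n_links: int) -> int:
    """flows: list of (src_mac, dst_mac, offered_mbps).
    Returns total throughput after each link is capped at its capacity."""
    offered = defaultdict(int)
    for src, dst, mbps in flows:
        offered[pick_link(src, dst, n_links)] += mbps
    return sum(min(load, LINK_CAPACITY_MBPS) for load in offered.values())


# Constructed addresses: one network storage device and four clients.
NAS = "02:00:00:00:00:10"
CLIENTS = [f"02:00:00:00:00:{i:02x}" for i in range(1, 5)]

# One client that could read at 2000 Mbit/s if the links were truly merged.
ONE_CLIENT = [(NAS, CLIENTS[0], 2000)]
# Four clients reading 500 Mbit/s each at the same time.
FOUR_CLIENTS = [(NAS, mac, 500) for mac in CLIENTS]

if __name__ == "__main__":
    print("one client, 2 links:  ", delivered_mbps(ONE_CLIENT, 2), "Mbit/s")
    print("four clients, 1 link: ", delivered_mbps(FOUR_CLIENTS, 1), "Mbit/s")
    print("four clients, 2 links:", delivered_mbps(FOUR_CLIENTS, 2), "Mbit/s")
```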

Some examples of use and test results are given in the article. Thus, we can say that the use of port aggregation technologies at home will be useful only if there are several fast clients and servers, as well as a sufficiently high load on the network.

Setting up port aggregation on a switch is usually straightforward. In particular, on the Zyxel GS2200-8HP the necessary parameters are located in the Advanced Application - Link Aggregation menu. In total, this model supports up to eight groups. There are no restrictions on the composition of groups - you can use any physical port in any group. The switch supports both static port trunking and LACP.

You can check the current assignments by group on the status page.

On the settings page, active groups and their type are indicated (used to select the packet distribution scheme across physical links), as well as the assignment of ports to the desired groups.

If necessary, enable LACP for the required groups on the third page.

Next, you need to configure similar parameters on the device on the other side of the link. In particular, on a QNAP network drive this is done as follows - go to the network settings, select ports and the type of their connection.

After this, you can check the status of the ports on the switch and evaluate the effectiveness of the solution in your tasks.

VLAN

In a typical local network configuration, network packets “walking” through it use a common physical environment, like flows of people at subway transfer stations. Of course, switches, in a certain sense, prevent “foreign” packets from reaching the interface of your network card, but some packets, such as broadcast packets, can penetrate any corner of the network. Despite the simplicity and high speed of this scheme, there are situations when, for some reason, you need to separate certain types of traffic. This may be due to security requirements or the need to meet performance or prioritization requirements.

Of course, these issues can be resolved by creating a separate segment of the physical network - with its own switches and cables. But this is not always possible to implement. This is where VLAN (Virtual Local Area Network) technology—a logical or virtual local computer network—can come in handy. It may also be referred to as 802.1q.

To a rough approximation, the operation of this technology can be described as the use of additional “tags” for each network packet when it is processed in the switch and on the end device. In this case, data exchange only works within a group of devices with the same VLAN. Since not all equipment uses VLAN, the scheme also uses operations such as adding and removing tags of a network packet as it passes through the switch. Accordingly, it is added when a packet is received from a “regular” physical port for sending through the VLAN network, and removed when it is necessary to transmit a packet from the VLAN network to a “regular” port.

As an example of the use of this technology, we can recall multi-service connections of operators - when you get access to the Internet, IPTV and telephony via one cable. This was previously found in ADSL connections, and today is used in GPON.

The switch in question supports the simplified “Port-based VLAN” mode, when the division into virtual networks is carried out at the level of physical ports. This scheme is less flexible than 802.1q, but may be suitable in some configurations. Note that this mode is mutually exclusive with 802.1q, and for selection there is a corresponding item in the Web interface.

To create a VLAN according to the 802.1q standard, on the Advanced Applications - VLAN - Static VLAN page, you need to specify the name of the virtual network, its identifier, and then select the ports involved in the operation and their parameters. For example, when connecting regular clients, it is worth removing VLAN tags from the packets sent to them.

Depending on whether this is a client connection or a switch connection, you need to configure the required options on the Advanced Applications - VLAN - VLAN Port Settings page. In particular, this concerns adding tags to packets arriving at the port input, allowing packets without tags or with other identifiers to be broadcast through the port, and isolating the virtual network.
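The tag handling described in this section can be followed byte by byte. The Python sketch below is an added example, not the switch's own logic or configuration: it inserts and removes the 4-byte 802.1Q tag and applies per-port ingress and egress rules. The `Port` fields, port names, VLAN numbers and the sample frame are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag


def get_vlan(frame: bytes):
    """Return (vid, priority) for a tagged frame, None for an untagged one."""
    if len(frame) >= 18 and frame[12:14] == struct.pack("!H", TPID_8021Q):
        (tci,) = struct.unpack("!H", frame[14:16])
        return tci & 0x0FFF, tci >> 13
    return None


def add_tag(frame: bytes, vid: int, priority: int = 0) -> bytes:
    """Insert the 4-byte tag between the source MAC and the EtherType."""
    if not 1 <= vid <= 4094 or not 0 <= priority <= 7:
        raise ValueError("VID must be 1..4094 and priority 0..7")
    tci = (priority << 13) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame: bytes) -> bytes:
    return frame[:12] + frame[16:]


@dataclass
class Port:
    pvid: int                     # VLAN given to untagged frames on ingress
    egress: dict                  # member VLANs: VID -> True (keep tag) / False (strip)
    accept_untagged: bool = True


def classify(port: Port, frame: bytes):
    """Ingress check: return (vid, untagged frame), or None if the port rejects it."""
    tag = get_vlan(frame)
    if tag is None:
        return (port.pvid, frame) if port.accept_untagged else None
    vid = tag[0]
    if vid not in port.egress:    # port is not a member of the tagged VLAN
        return None
    return vid, strip_tag(frame)


def forward(ports: dict, in_name: str, frame: bytes) -> dict:
    """Flood within the frame's VLAN only (no MAC table, to keep the focus on tags).
    Returns {egress port name: frame as it leaves that port}."""
    classified = classify(ports[in_name], frame)
    if classified is None:
        return {}
    vid, inner = classified
    out = {}
    for name, port in ports.items():
        if name != in_name and vid in port.egress:
            out[name] = add_tag(inner, vid) if port.egress[vid] else inner
    return out


# Constructed layout: two office PCs in VLAN 10, a camera in VLAN 20,
# and an uplink to another switch that carries both VLANs tagged.
PORTS = {
    "pc1": Port(pvid=10, egress={10: False}),
    "pc2": Port(pvid=10, egress={10: False}),
    "cam": Port(pvid=20, egress={20: False}),
    "uplink": Port(pvid=1, egress={10: True, 20: True}, accept_untagged=False),
}
# Constructed untagged frame without FCS: DA, SA, EtherType 0x0800, payload.
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + bytes(46)

if __name__ == "__main__":
    for name, frame in forward(PORTS, "pc1", UNTAGGED).items():
        print(name, get_vlan(frame), len(frame), "bytes")
```

A frame that arrives on a client port already carrying a tag for a VLAN the port is not a member of is rejected at ingress, which is what keeps the virtual networks isolated from each other.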

Access control and authentication

Ethernet technology initially did not support access control to the physical medium. It was enough to plug the device into the switch port - and it began to work as part of the local network. In many cases, this is sufficient because the security is provided by the complexity of a direct physical connection to the network. But today, the requirements for the network infrastructure have changed significantly and the implementation of the 802.1x protocol is increasingly found in network equipment.

In this scenario, when connecting to the switch port, the client provides its authentication data, and without confirmation from the access control server no information is exchanged with the network. Most often, the scheme involves the presence of an external server, such as RADIUS or TACACS+. The use of 802.1x also provides additional capabilities for monitoring network operation. In the standard scheme you can “bind” only to the client’s hardware parameter (MAC address), for example, to issue an IP address, set speed limits and access rights; working with user accounts is more convenient in large networks, since it allows for client mobility and other higher-level features.

A RADIUS server on a QNAP NAS was used for testing. It is designed as a separately installed package and has its own user base. It is quite suitable for this task, although in general it has few capabilities.

The client was a computer with Windows 8.1. To use 802.1x on it, you need to enable one service and after that a new tab appears in the properties of the network card.

Note that in this case we are talking exclusively about controlling access to the physical port of the switch. In addition, do not forget that it is necessary to ensure constant and reliable access of the switch to the RADIUS server.

To implement this feature, the switch has two functions. The first, the simplest, allows you to limit incoming and outgoing traffic on a specified physical port.

This switch also allows you to use prioritization for physical ports. In this case, there are no hard limits for speed, but you can select devices whose traffic will be processed first.

The second is part of a more general scheme that classifies switched traffic according to various criteria, and is only one of the options for its use.

First, on the Classifier page, you need to define traffic classification rules. They apply Level 2 criteria - in particular MAC addresses, and in this model Level 3 rules can also be applied - including protocol type, IP addresses and port numbers.

Next, on the Policy Rule page, you specify the necessary actions for traffic “selected” by the chosen rules. The following operations are provided here: setting a VLAN tag, limiting the speed, outputting a packet to a given port, setting a priority field, dropping a packet. These functions make it possible, for example, to limit data exchange rates for client data or services.

More complex schemes can use 802.1p priority fields in network packets. For example, you can tell the switch to process telephony traffic first and give web browsing the lowest priority.

PoE

Another possibility that is not directly related to the packet switching process is to provide power to client devices via a network cable. This is often used to connect IP cameras, telephones and wireless access points, which reduces the number of wires and simplifies switching. When choosing such a model, it is important to consider several parameters, the main of which is the standard used by the client equipment. The fact is that some manufacturers use their own implementations, which are incompatible with other solutions and can even lead to breakdown of “foreign” equipment. It is also worth highlighting “passive PoE”, when power is transmitted at a relatively low voltage without feedback and control of the recipient.

A more correct, convenient and universal option would be to use “active PoE”, operating according to the 802.3af or 802.3at standards and capable of transmitting up to 30 W (in new versions of the standards there are higher values). In this scheme, the transmitter and receiver exchange information with each other and agree on the necessary power parameters, in particular power consumption.

To test this, we connected an Axis 802.3af PoE compatible camera to the switch. On the front panel of the switch, the corresponding power indicator for this port lights up. Then, through the Web interface, we will be able to monitor the consumption status by port.

The ability to control the power supply to the ports is also interesting. If the camera is connected with one cable and is located in a hard-to-reach place, then to reboot it you would otherwise need to disconnect this cable either on the camera side or in the wiring closet. Here you can log into the switch remotely in any available way, simply uncheck the “supply power” checkbox and then check it again. In addition, in the PoE settings, you can configure the priority system for providing power.

As we wrote earlier, the key field of network packets in this equipment is the MAC address. Managed switches often have a set of services designed to use this information.

For example, the model under consideration supports static assignment of MAC addresses to a port (usually this operation occurs automatically), filtering (blocking) of packets by source or recipient MAC addresses.

In addition, you can limit the number of client MAC address registrations on a switch port, which can also be considered an additional security option.
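The learning scheme described in the theory section (the “clients on this physical port” table) and the per-port limit on MAC registrations mentioned here can be modelled together. The following Python sketch is an added example, not the firmware's algorithm; the class, its field names and the scenario are assumptions, and all MAC addresses are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class LearningSwitch:
    ports: tuple
    max_macs_per_port: Optional[int] = None        # None = no limit
    table: dict = field(default_factory=dict)      # source MAC -> port
    refused: list = field(default_factory=list)    # (port, MAC) over the limit

    def _learned_on(self, port: int) -> int:
        return sum(1 for p in self.table.values() if p == port)

    def receive(self, in_port: int, src: str, dst: str) -> list:
        """Handle one frame and return the list of egress ports ([] = dropped)."""
        if self.table.get(src) != in_port:
            # Unknown source, or a known one that moved to this port.
            limit = self.max_macs_per_port
            if limit is not None and self._learned_on(in_port) >= limit:
                self.refused.append((in_port, src))
                return []                      # not registered: frame is dropped
            self.table[src] = in_port
        out_port = self.table.get(dst)
        if dst == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]   # flood
        if out_port == in_port:
            return []                          # same segment: filter
        return [out_port]


def simulate(limit: Optional[int], extra_sources: int = 50) -> dict:
    """Constructed scenario: hosts A and B on ports 1 and 2, while port 3
    presents `extra_sources` different source addresses (for example an
    unplanned downstream switch full of clients)."""
    sw = LearningSwitch(ports=(1, 2, 3), max_macs_per_port=limit)
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    first = sw.receive(1, a, BROADCAST)     # A is learned, frame is flooded
    reply = sw.receive(2, b, a)             # B is learned, A is already known
    for i in range(extra_sources):
        sw.receive(3, f"02:00:00:00:01:{i:02x}", BROADCAST)
    return {
        "first": first,
        "reply": reply,
        "a_to_b": sw.receive(1, a, b),
        "table_size": len(sw.table),
        "on_port_3": sw._learned_on(3),
        "refused": len(sw.refused),
    }


if __name__ == "__main__":
    print("no limit:", simulate(None))
    print("limit 2: ", simulate(2))
```

With the limit set, the address table stays bounded and the refused registrations give the administrator a list of ports where more devices appeared than planned.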

Most layer 3 network packets are usually unicast - they go from one sender to one recipient. But some services use multicast technology, when one packet has several recipients at once. The best-known example is IPTV. The use of multicast here allows you to significantly reduce bandwidth requirements when it is necessary to deliver information to a large number of clients. For example, multicast of 100 TV channels with a flow of 1 Mbit/s will require 100 Mbit/s for any number of clients. If we use standard technology, then 1000 clients would require 1000 Mbit/s.

We will not go into the details of how IGMP works; we will only note the possibility of fine-tuning the switch for efficient work under heavy loads of this type.

Complex networks may use special protocols to control the path of network packets. In particular, they make it possible to eliminate topological loops (“looping” of packets). The switch in question supports STP, RSTP and MSTP and has flexible settings for their operation.

Another feature in demand in large networks is protection against situations such as a “broadcast storm”. This term describes a significant increase in broadcast packets in the network, blocking the passage of “normal” useful traffic. The simplest way to combat this is to set a limit on the number of such packets processed per second on switch ports.

Additionally, the device has an Error Disable function. It allows the switch to shut down ports if it detects excessive service traffic on them. This allows you to maintain productivity and ensure automatic recovery when the problem is fixed.

Another task, more related to security requirements, is monitoring all traffic. In normal mode, the switch implements a scheme to send packets only directly to their recipients. It is impossible to “catch” a “foreign” packet on another port. To implement this task, port mirroring technology is used - control equipment is connected to selected switch ports and all traffic from specified other ports is configured to be sent to this port.

The IP Source Guard, DHCP Snooping and ARP Inspection functions are also aimed at increasing security. The first allows you to configure filters involving MAC, IP, VLAN and port number through which all packets will pass. The second protects the DHCP protocol, the third automatically blocks unauthorized clients.
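How these three functions relate to each other is easiest to see in a model. The Python sketch below is an added example, not the switch's implementation: it assumes the common design in which DHCP snooping builds a table of MAC, IP, VLAN and port bindings from server replies seen on trusted ports, and ARP inspection and IP source guard check traffic from other ports against that table. The class, method names and all events are constructed; IP addresses are from the 192.0.2.0/24 documentation range.

```python
from dataclasses import dataclass, field


@dataclass
class SnoopingSwitch:
    trusted_ports: set                              # ports facing the DHCP server / uplink
    pending: dict = field(default_factory=dict)     # client MAC -> (port, vlan)
    bindings: dict = field(default_factory=dict)    # (vlan, ip) -> (mac, port)
    log: list = field(default_factory=list)

    def dhcp(self, in_port, vlan, msg_type, client_mac, offered_ip=None) -> bool:
        """DHCP snooping: return True if the message is forwarded."""
        if msg_type in ("OFFER", "ACK"):            # server-to-client messages
            if in_port not in self.trusted_ports:
                self.log.append(f"drop DHCP {msg_type} from untrusted port {in_port}")
                return False
            if msg_type == "ACK" and client_mac in self.pending:
                port, req_vlan = self.pending.pop(client_mac)
                self.bindings[(req_vlan, offered_ip)] = (client_mac, port)
            return True
        if msg_type == "REQUEST":                   # client-to-server message
            self.pending[client_mac] = (in_port, vlan)
        return True

    def _bound(self, in_port, vlan, mac, ip) -> bool:
        return self.bindings.get((vlan, ip)) == (mac, in_port)

    def arp(self, in_port, vlan, sender_mac, sender_ip) -> bool:
        """ARP inspection: the sender MAC/IP pair must match a binding."""
        ok = in_port in self.trusted_ports or self._bound(in_port, vlan, sender_mac, sender_ip)
        if not ok:
            self.log.append(f"drop ARP {sender_ip} is-at {sender_mac} on port {in_port}")
        return ok

    def ip_packet(self, in_port, vlan, src_mac, src_ip) -> bool:
        """IP source guard: the same MAC, IP, VLAN and port filter for data packets."""
        ok = in_port in self.trusted_ports or self._bound(in_port, vlan, src_mac, src_ip)
        if not ok:
            self.log.append(f"drop IP from {src_ip}/{src_mac} on port {in_port}")
        return ok


def run_sample() -> dict:
    """Constructed events: port 8 is the trusted uplink, ports 1 and 2 are clients."""
    sw = SnoopingSwitch(trusted_ports={8})
    pc, other = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    results = {}
    sw.dhcp(1, 10, "REQUEST", pc)
    results["server_ack"] = sw.dhcp(8, 10, "ACK", pc, "192.0.2.50")
    results["ack_on_client_port"] = sw.dhcp(2, 10, "ACK", pc, "192.0.2.99")
    results["arp_matching"] = sw.arp(1, 10, pc, "192.0.2.50")
    results["arp_unbound_ip"] = sw.arp(2, 10, other, "192.0.2.1")
    results["ip_matching"] = sw.ip_packet(1, 10, pc, "192.0.2.50")
    results["ip_same_addr_other_port"] = sw.ip_packet(2, 10, pc, "192.0.2.50")
    results["bindings"] = dict(sw.bindings)
    results["drops"] = list(sw.log)
    return results


if __name__ == "__main__":
    for key, value in run_sample().items():
        print(f"{key}: {value}")
```

The drop log is the part worth forwarding to the external Syslog server mentioned in the management section, since each entry names the port where a mismatch was seen.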

Conclusion

Of course, the capabilities described above represent only a fraction of the network switching technologies available on the market today. And even from this small list, not all of them can find real use among home users. Perhaps the most common are PoE (for example, to power network video cameras), port aggregation (in the case of a large network and the need for fast traffic exchange), traffic control (to ensure the operation of streaming applications under high load on the channel).

Of course, it is not at all necessary to use business-level devices to solve these problems. For example, in stores you can find a regular switch with PoE, port aggregation is also found in some top-end routers, prioritization is also starting to be found in some models with fast processors and high-quality software. But, in our opinion, the option of purchasing more professional equipment, including on the secondary market, can also be considered for home networks with increased requirements for performance, security and manageability.

By the way, there is actually another option. As we said above, “smart” switches can have very different amounts of actual “smarts”. Many manufacturers have product series that fit well into a home budget and at the same time provide many of the capabilities described above. As an example, we can mention the Zyxel GS1900-8HP.

This model has a compact metal case and an external power supply, it has eight Gigabit ports with PoE, and a Web interface is provided for configuration and management.

The device firmware supports port aggregation with LACP, VLAN, port rate limiting, 802.1x, port mirroring and other functions. But unlike the “real managed switch” described above, all this is configured exclusively through the Web interface and, if necessary, even using an assistant.

Of course, we are not talking about the similarity of this model to the device described above in terms of its capabilities as a whole (in particular, there are no traffic classification tools and Level 3 functions here). Rather, it is simply a more suitable option for the home user. Similar models can be found in the catalogs of other manufacturers.

An unmanaged switch is suitable for building a home or small office network. Its difference from the others is the “boxed” version. That is, after the purchase, it is enough to set up a connection to the provider’s server and you can distribute the Internet.

When working with such a switch, keep in mind that short-term delays are possible when using voice applications (Skype, VoIP), and that it is impossible to distribute the bandwidth of the Internet channel. That is, when you start a torrent program on one of the computers on the network, it will consume almost the entire bandwidth of the channel, and the rest of the computers on the network will use the remaining bandwidth.

A managed switch is the best solution for building a network in offices and computer clubs. This type is sold as standard and with standard settings.

To configure such a switch you will have to work hard: the large number of settings can be overwhelming, but with the right approach it can bring remarkable results. The main feature is the distribution of channel bandwidth and the configuration of the throughput of each port. Let's take as an example an Internet channel of 50 Mbit/s, 5 computers on the network, an IP-TV set-top box and a PBX. There are several possible options, but I will consider only one.

Beyond that, it is up to your imagination and out-of-the-box thinking. In total we have a relatively large channel. Why relatively? You will find out further on if you read carefully. I forgot to clarify: I'm putting together a network for a small office. IP-TV is used for the TV in the waiting room; the computers for working with e-mail, transferring documents and browsing websites; the PBX for connecting landline phones to the main line and for receiving calls from Skype, QIP, cell phones, etc.

A managed switch is a modification of a regular, unmanaged switch.

In addition to the ASIC chip, it contains a microprocessor capable of performing additional operations on frames, such as filtering, modification and prioritization, as well as other actions not related to frame forwarding, for example providing a user interface.

In practical terms, the differences between managed and unmanaged switches lie, firstly, in the list of supported standards: a regular, unmanaged switch supports only the Ethernet standard (IEEE 802.3) in its various forms, while managed switches support a much wider list of standards, such as 802.1Q, 802.1X, 802.1AE, 802.3ad (802.1AX) and so on, which require configuration and management.

There is another type - SMART switches.

The appearance of smart switches was due to a marketing move - the devices support a significantly smaller number of functions than their older brothers, but are nevertheless manageable.

In order not to confuse or mislead consumers, the first models were produced with the designation intelligent or web-managed.

These devices offered the basic functionality of managed switches at a significantly lower price: VLAN organization, administrative enabling and disabling of ports, MAC address filtering or speed limiting. Traditionally, the only means of management was a web interface, so the name web-managed was firmly assigned to smart switches.

The switch stores a switching table in associative memory, which indicates the correspondence of the host MAC address to the switch port. When the switch is turned on, this table is empty, and it begins to operate in learning mode. In this mode, data arriving on any port is transmitted to all other ports of the switch. In this case, the switch analyzes the frames and, having determined the MAC address of the sending host, enters it into the table.

Subsequently, if one of the switch ports receives a frame intended for a host whose MAC address is already in the table, then this frame will be transmitted only through the port specified in the table. If the destination host's MAC address is not bound to any port on the switch, then the frame will be sent to all ports.

Over time, the switch builds a complete table for all its ports, and as a result, the traffic is localized.

It is worth noting the low latency (delay) and high forwarding speed on each interface port.

Switching methods in a switch.

There are three switching methods. Each of them is a combination of parameters such as the waiting time for the switch to make a decision (latency) and transmission reliability.

With intermediate storage (Store and Forward).

“Cut-through”.

“Fragment-free” or hybrid.

With intermediate storage (Store and Forward). The switch reads all incoming information in the frame, checks it for errors, selects a switching port, and then sends the verified frame to it.

“Cut-through”. The switch reads only the destination address in the frame and then performs the switching. This mode reduces transmission delays, but does not have an error detection method.

“Fragment-free” or hybrid. This mode is a modification of the cut-through mode. The frame is forwarded after collision fragments have been filtered out (frames 64 bytes in size are processed using store-and-forward technology, the rest using cut-through technology).

The switch's decision latency is added to the time it takes a frame to enter and exit a switch port; together they determine the overall switch latency.

Switch performance characteristics.

The main characteristics of a switch that measure its performance are:

  • - filtration speed;
  • - forwarding speed;
  • - throughput;
  • - frame transmission delay.

Additionally, there are several switch characteristics that have the greatest impact on the performance characteristics listed above. These include:

  • - size of frame buffer(s);
  • - internal bus performance;
  • - performance of the processor or processors;
  • - size of the internal address table.

Frame filtering and forwarding speed are two key performance characteristics of a switch. These characteristics are integral indicators; they do not depend on how the switch is technically implemented.

The filtering rate determines the speed at which the switch performs the following frame processing steps:

  • - receiving the frame into its buffer;
  • - destruction of the frame, since its destination port coincides with the source port.

The forwarding rate determines the speed at which the switch performs the following frame processing steps:

  • - receiving the frame into its buffer;
  • - viewing the address table to find the port for the frame's destination address;
  • - transmission of the frame to the network through the destination port found in the address table.

Both filtering speed and forwarding speed are usually measured in frames per second.

If the specifications of the switch do not state for which protocol and for what frame size the filtering and forwarding speeds are given, then by default it is assumed that these figures are given for the Ethernet protocol and frames 64 bytes long (without preamble), with a data field of 46 bytes.

The use of frames of minimum length as the main indicator of the speed of a switch is explained by the fact that such frames always create the most difficult operating mode for the switch compared to frames of other formats with equal throughput of transferred user data.

Therefore, when testing a switch, the minimum length frame transmission mode is used as the most difficult test, which should test the switch's ability to operate under the worst combination of traffic parameters for it.

In addition, for packets of minimal length the filtering and forwarding speeds reach their maximum values, which is of no small importance when advertising a switch.

The throughput of a switch is measured by the amount of user data transmitted per unit of time through its ports.

Since the switch operates at the data link level, its user data is the data that is transferred to the data field of data link layer protocol frames - Ethernet, Token Ring, FDDI, etc.

The maximum switch throughput is always achieved on frames of maximum length, since in this case the share of overhead for frame service information is much lower than for frames of minimum length, and the time the switch spends on frame processing per byte of user information is significantly less.

The dependence of the switch's throughput on the size of transmitted frames is well illustrated by the example of the Ethernet protocol, for which, when transmitting frames of minimum length, a transmission speed of 14880 frames per second and a throughput of 5.48 Mb/s are achieved, and when transmitting frames of maximum length, a transmission speed of 812 frames per second and a throughput of 9.74 Mb/s are achieved.

Throughput drops almost twice when switching to frames of minimum length, and this does not take into account the loss of time for processing frames by the switch.
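The frame rates and throughput figures quoted above, and the minimum amount of buffering each switching method described earlier needs before forwarding can begin, follow directly from Ethernet framing. The following Python code is an added example, not part of the original article; it assumes classic 10 Mb/s Ethernet with an 8-byte preamble and a 12-byte interframe gap, counts delay from the first bit of the preamble, and all function names are hypothetical.

```python
# Classic 10 Mb/s Ethernet framing constants (assumptions of this example).
LINK_BPS = 10_000_000
PREAMBLE = 8                    # bytes: preamble plus start-of-frame delimiter
IFG = 12                        # bytes: interframe gap (96 bit times)
HEADER_FCS = 18                 # bytes: 6 dst + 6 src + 2 type/length + 4 FCS
MIN_FRAME, MAX_FRAME = 64, 1518


def wire_rate(frame_len, link_bps=LINK_BPS):
    """Return (whole frames per second, user-data throughput in Mb/s)."""
    if not MIN_FRAME <= frame_len <= MAX_FRAME:
        raise ValueError("frame length must be within 64..1518 bytes")
    bits_on_wire = (PREAMBLE + frame_len + IFG) * 8
    fps = link_bps // bits_on_wire           # whole frames, as the text quotes them
    payload_bits = (frame_len - HEADER_FCS) * 8
    return fps, round(fps * payload_bits / 1e6, 2)


def buffering_delay_us(mode, frame_len, link_bps=LINK_BPS):
    """Microseconds spent receiving bytes before forwarding can start.

    This is only the buffering part of the latency; table lookup and
    access to the egress medium come on top of it.
    """
    if mode == "store-and-forward":
        needed = frame_len                   # whole frame, so it can be checked
    elif mode == "cut-through":
        needed = 6                           # destination MAC address only
    elif mode == "fragment-free":
        needed = min(frame_len, MIN_FRAME)   # first 64 bytes (collision window)
    else:
        raise ValueError(f"unknown switching mode: {mode}")
    return round((PREAMBLE + needed) * 8 * 1e6 / link_bps, 1)


if __name__ == "__main__":
    for size in (64, 512, 1518):
        fps, mbps = wire_rate(size)
        delays = {m: buffering_delay_us(m, size)
                  for m in ("cut-through", "fragment-free", "store-and-forward")}
        print(f"{size:5d} B: {fps:6d} frames/s, {mbps:5.2f} Mb/s user data, {delays}")
```

For 64-byte frames the buffering component alone is 11.2 µs in cut-through mode and 57.6 µs with full buffering.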

Frame transmission latency is measured as the time elapsed from the moment the first byte of the frame arrives at the input port of the switch until the moment this byte appears at the output port of the switch.

Latency consists of the time spent buffering the frame's bytes, as well as the time spent processing the frame by the switch: looking through the address table, making filtering or forwarding decisions, and gaining access to the medium of the egress port. The amount of delay introduced by the switch depends on its operating mode. If switching is carried out "on the fly", then the delays are usually small and range from 10 µs to 40 µs, and with full frame buffering, from 50 µs to 200 µs (for frames of minimum length).

A switch is a multiport device, so it is customary to give all the above characteristics (except for frame transmission delay) in two versions:

  • - the first option is the total performance of the switch with simultaneous transmission of traffic on all its ports;
  • - the second option is the performance given per port.

When traffic is transmitted by several ports simultaneously, there is a huge number of possible traffic patterns, differing in the size of the frames in the flow, the distribution of the average intensity of frame flows between destination ports, the coefficients of variation in the intensity of frame flows, and so on. Therefore, when comparing switches for performance, it is necessary to take into account for which traffic pattern the published performance data was obtained. Some laboratories that constantly test communications equipment have developed detailed descriptions of the testing conditions for switches and use them in their practice, but these tests have not yet become common in industry.

Ideally, a switch installed on a network transmits frames between nodes connected to its ports at the speed at which the nodes generate these frames, without introducing additional delays or losing a single frame.

In real practice, the switch always introduces some delays when transmitting frames, and may also lose some frames, that is, not deliver them to the recipients. Due to differences in the internal organization of different switch models, it is difficult to predict how a particular switch will transmit frames of some specific sample traffic. The best criterion is still the practice of placing a switch in a real network and measuring the delays it introduces and the number of lost frames. The overall performance of the switch is ensured by the sufficiently high performance of each of its individual elements: the port processor, switching matrix, common bus connecting modules, etc.

Regardless of the internal organization of the switch and the methods of pipelining its operations, it is possible to determine fairly simple performance requirements for its elements that are necessary to support a given traffic matrix. Because switch manufacturers strive to make their devices as fast as possible, the overall internal performance of a switch often exceeds by some margin the average intensity of any traffic that can be sent to the switch ports according to their protocols.

This type of switch is called non-blocking, i.e., any type of traffic is transmitted without reducing its intensity. In addition to the throughput of individual elements of the switch, such as port processors or the common bus, the performance of the switch is affected by such parameters as the size of the address table and the volume of the general buffer or individual port buffers.

The address table size affects the maximum capacity of the address table and determines the maximum number of MAC addresses that the switch can handle simultaneously.

Since switches most often use a dedicated processing unit to perform operations on each port with its own memory to store an instance of the address table, the size of the address table for switches is usually given per port.

Instances of the address table of different processor modules do not necessarily contain the same address information: most likely there will not be many duplicate addresses, unless the distribution of traffic on each port is completely equal among the other ports. Each port stores only those sets of addresses that it has used recently.

The maximum number of MAC addresses that the port processor can remember depends on the application of the switch. Workgroup switches typically support only a few addresses per port because they are designed to form microsegments. Department switches must support several hundred addresses, and network backbone switches must support up to several thousand, typically 4000 - 8000 addresses.

Insufficient address table capacity can cause the switch to slow down and the network to become clogged with excess traffic. If the port processor's address table is completely full, and it encounters a new source address in an incoming packet, then it must evict any old address from the table and place a new one in its place. This operation itself will take some of the processor's time, but the main performance loss will be observed when a frame arrives with a destination address that had to be removed from the address table.

Since the frame's destination address is unknown, the switch must forward the frame to all other ports. This operation will create unnecessary work for many port processors, in addition, copies of this frame will end up on those network segments where they are completely unnecessary. Some switch manufacturers solve this problem by changing the algorithm for handling frames with an unknown destination address. One of the switch ports is configured as a trunk port, to which all frames with an unknown address are sent by default.
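The learning and flooding rules described earlier, and the effect of an address table that is too small for the number of stations, can be reproduced in a short model. This is an added example, not code from the original article or from any vendor; the class and function names, the least-recently-seen eviction policy and the ring-shaped test traffic are assumptions made for illustration.

```python
from collections import OrderedDict


class LearningSwitch:
    """Learning, forwarding and filtering as described in the text."""

    def __init__(self, ports, table_size):
        self.ports = list(ports)
        self.table_size = table_size
        self.table = OrderedDict()   # MAC address -> port, least recently seen first
        self.stats = {"flooded": 0, "forwarded": 0, "filtered": 0, "evicted": 0}

    def receive(self, in_port, src, dst):
        """Handle one frame and return the list of ports it is sent out on."""
        # Learn (or refresh) the sender's address.
        if src in self.table:
            self.table.move_to_end(src)
        elif len(self.table) >= self.table_size:
            # Table full: drop the least recently seen address (assumed policy).
            self.table.popitem(last=False)
            self.stats["evicted"] += 1
        self.table[src] = in_port

        out_port = self.table.get(dst)
        if out_port is None:
            # Unknown destination: copy the frame to every other port.
            self.stats["flooded"] += 1
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination sits on the arrival segment: filter the frame.
            self.stats["filtered"] += 1
            return []
        self.stats["forwarded"] += 1
        return [out_port]


def run_ring_traffic(table_size, stations=200, rounds=5, ports=4):
    """Constructed workload: station i sends to station i+1, repeated in rounds."""
    sw = LearningSwitch(range(1, ports + 1), table_size)
    mac = lambda i: f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}"   # constructed MACs
    for _ in range(rounds):
        for i in range(stations):
            sw.receive(i % ports + 1, mac(i), mac((i + 1) % stations))
    return sw.stats


if __name__ == "__main__":
    for size in (50, 256):
        print(size, run_ring_traffic(size))
```

With 200 stations, a 256-entry table floods only during initial learning, while a 50-entry table evicts every destination before it is needed again and floods every frame.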

The switch's internal buffer memory is needed to temporarily store data frames in cases where they cannot be immediately transmitted to the output port. The buffer is designed to smooth out short-term traffic bursts.

After all, even if the traffic is well balanced and the performance of the port processors, as well as other processing elements of the switch, is sufficient to transmit average traffic values, this does not guarantee that their performance will be sufficient for very large peak loads. For example, traffic can arrive simultaneously at all switch inputs within a few tens of milliseconds, preventing it from transmitting received frames to output ports. To prevent frame loss when the average traffic intensity is repeatedly exceeded for a short time (and for local networks, traffic ripple coefficient values in the range of 50-100 are often found), the only means is a large-volume buffer. As with address tables, each port processor module typically has its own buffer memory for storing frames. The larger the volume of this memory, the less likely it is that frames will be lost due to overloads, although if the average traffic values are unbalanced, the buffer will sooner or later overflow.

Typically, switches designed to operate in critical parts of the network have a buffer memory of several tens or hundreds of kilobytes per port.

It is good when this buffer memory can be redistributed between several ports, since simultaneous overloads on several ports are unlikely. An additional means of protection can be a buffer common to all ports in the switch management module. Such a buffer usually has a capacity of several megabytes.


