The operation of the switch is mainly based on the following principles:
MAC address learning
When a switch is first connected to the network, its MAC address table is empty. When a data frame enters a port on a switch, the switch first reads the source MAC address in that data frame. For example, if computer A connects to port 1 of a switch via a network cable and sends a data frame, the switch extracts the MAC address of computer A from this data frame.
The switch then records this MAC address and the port number (in this case, port 1) into its own MAC address table. In this way, as devices on the network continue to send data frames, the switch learns the MAC address of each device and its corresponding port.
For example, if there are 5 computers connected to different ports on a small office network, the MAC addresses of the 5 computers and the ports they are connected to will be recorded in the MAC address table of the switch after a period of communication.
Data frame forwarding
When the switch receives a dataframe, it looks at the destination MAC address in the dataframe. If the switch finds a port for the destination MAC address in its own MAC address table, it forwards the data frame directly to that port.
For example, if machine A wants to send data to machine B, the switch has learned that the MAC address of machine A corresponds to port 1, and the MAC address of machine B corresponds to port 3. When the switch receives a data frame from computer A to computer B, it forwards the data frame away from port 3 so that the data reaches computer B accurately.
If the switch does not find a port for the destination MAC address in the MAC address table, this situation is called an "unknown unicast frame". In this case, the switch will take the flooding method to forward the data frames. It forwards this data frame out of all ports except the port where the data frame enters. This is because the switch does not know which port the destination MAC address is, so it floods to ensure that the data frame reaches the destination device. When the destination device responds after receiving the data frame, the switch can learn the port corresponding to the destination MAC address and perform normal forwarding.
Dataframe filtering
The switch also has data frame filtering. It only forwards the data frame to the port corresponding to the destination MAC address, and does not broadcast the data frame to all ports like the hub does.
For example, in a network with multiple VLANs (virtual local area networks), switches can filter data frames based on VLAN information. If the source and destination devices of a data frame are in the same VLAN, the switch will handle the data according to the normal MAC address forwarding rules. If they are in different VLANs, the switch may forward the data frames to the port connected to the router, depending on the configuration, and the router will handle the communication across the VLAN.
For multi-layer switches (such as Layer 3 switches, Layer 4 switches), they add functions at the network layer (based on IP addresses) and transport layers (based on port numbers, etc.) on the basis of the above working principles of the data link layer. Layer 3 switches can route based on IP addresses, and Layer 4 switches can forward and control traffic at a more granular level based on things like TCP or UDP port numbers.