Thursday, October 17, 2013

How switches and bridges filter frames

How switches and bridges filter frames 
4.3.4 If the frame is addressed for another LAN, the bridge copies the frame onto the second LAN. Ignoring a frame is called filtering. Copying the frame is called forwarding.
Emphasize that a bridge is considered a store-and-forward device because it must examine the destination address field and calculate the cyclic redundancy check (CRC) in the frame check sequence field before forwarding the frame to all ports. Students may need a further explanation of the term CRC. Encourage them to check the glossary for an explanation of this term. If the destination port is busy, the bridge can temporarily store the frame until the port is available. The time it takes to perform these tasks slows the network transmissions and causes increased latency.

This page will explain how switches and bridges filter frames. In this discussion, the terms “switch” and “bridge” are synonymous.
Most switches are capable of filtering frames based on any Layer 2 frame field. For example, a switch can be programmed to reject, not forward, all frames sourced from a particular network. Because link layer information often includes a reference to an upper-layer protocol, switches can usually filter on this parameter. Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets.
Once the switch has built the local address table, it is ready to operate. When it receives a frame, it examines the destination address. If the frame address is local, the switch ignores it. If the frame is addressed for another LAN segment, the switch copies the frame onto the second segment.
  • Ignoring a frame is called filtering.
  • Copying the frame is called forwarding.
Basic filtering keeps local frames local and sends remote frames to another LAN segment.
Filtering on specific source and destination addresses performs the following actions:
  • Stopping one station from sending frames outside of its local LAN segment
  • Stopping all "outside" frames destined for a particular station, thereby restricting the other stations with which it can communicate
Both types of filtering provide some control over internetwork traffic and can offer improved security.
Most Ethernet switches can now filter broadcast and multicast frames. Bridges and switches that can filter frames based on MAC addresses can also be used to filter Ethernet frames by multicast and broadcast addresses. This filtering is achieved through the implementation of virtual local-area networks or VLANs. VLANs allow network administrators to prevent the transmission of unnecessary multicast and broadcast messages throughout a network. Occasionally, a device will malfunction and continually send out broadcast frames, which are copied around the network. This is called a broadcast storm and it can significantly reduce network performance. A switch that can filter broadcast frames makes a broadcast storm less harmful.
Today, switches are also able to filter according to the network-layer protocol. This blurs the demarcation between switches and routers. A router operates on the network layer using a routing protocol to direct traffic around the network. A switch that implements advanced filtering techniques is usually called a brouter. Brouters filter by looking at network layer information but they do not use a routing protocol.
The next page will explain how switches are used to segment a LAN. 

No comments:

Post a Comment