Get AI summaries of any video or article — Sign up free
What is a SWITCH? // FREE CCNA // Day 1 thumbnail

What is a SWITCH? // FREE CCNA // Day 1

NetworkChuck·
5 min read

Based on NetworkChuck's video on YouTube. If you like this content, support the original creators by watching, liking and subscribing to their content.

TL;DR

Switches forward frames using MAC addresses at Layer 2, not IP addresses at Layer 3.

Briefing

A switch’s real superpower is learning where devices live on a network and then forwarding traffic only to the right port—fixing the “send to everyone” behavior of hubs that makes networks noisy and insecure. In day one of NetworkChuck’s CCNA series, the lesson starts with a simple goal: connect computers so they can exchange data, then quickly drills into what happens inside the switch when a device sends a ping.

The walkthrough contrasts a hub and a switch using Cisco Packet Tracer. With a hub, when one laptop pings another, the hub blindly repeats the electrical signal out every port. That means even devices that aren’t the target receive the frame, creating unnecessary exposure. The simulation highlights this with outcomes where non-target devices get traffic they should ignore, and it sets up the security problem: if someone can observe traffic on a hub-based network, they can see everyone’s communications.

A switch behaves differently. When the same ping runs in the switch environment, only the intended recipient receives the frame, and the reply returns only to the original sender. The mechanism is the switch’s “brain,” a CAM table (content addressable memory) that maps MAC addresses to switch ports. As devices send frames, the switch learns the source MAC address and records which port that MAC came from. Later, when a frame arrives, the switch uses the destination MAC address to decide where to forward it.

The lesson ties this to OSI layering. Physical layer (Layer 1) is the electrical signaling over Ethernet. Data link layer (Layer 2) is where MAC addresses live, and frames are the unit of communication that switches forward. Layer 3 introduces IP addresses, but switches don’t understand IP; they operate at Layer 2. Packet Tracer is used to show that a switch can’t “see” the IP addresses used in ping (like 10.1.1.2), so forwarding decisions rely on MAC addresses instead.

To make the concept concrete, the course has learners enter a Cisco CLI command on the switch: show mac-address-table. That command reveals the CAM table entries—confirming that the switch stores MAC-to-port mappings learned from prior traffic. The transcript also clarifies terminology: Layer 2 messages are frames, while people sometimes loosely call them packets; technically, frames are the correct term for what switches handle.

Finally, wireless is introduced as a practical extension of switching. An access point connects to the switch via Ethernet, but the wireless side behaves more like a hub: it broadcasts frames to multiple wireless clients, which can increase unnecessary traffic and contribute to congestion and collisions. The takeaway is pragmatic—hardwired Ethernet is preferred when possible.

By the end, two Boson practice questions reinforce the core rules: switches populate the CAM table using the source MAC address, and they make forwarding decisions using the destination MAC address. The day closes with the idea that routers and higher OSI layers will come next, but the switch’s Layer 2 logic is the foundation for everything that follows.

Cornell Notes

Switches improve on hubs by learning which MAC addresses are reachable through which ports, then forwarding frames only to the correct destination. Packet Tracer simulations show that hubs repeat traffic out every port, while switches send only to the intended device. A switch builds and consults a CAM table (content addressable memory) using source MAC addresses from incoming frames, and it forwards based on destination MAC addresses. Switches operate at Layer 2 (frames, MAC addresses) and do not use Layer 3 IP addresses for forwarding decisions. The CLI command show mac-address-table lets learners verify the switch’s learned MAC-to-port mappings.

Why does a hub send a ping reply to the wrong devices, and what does that imply for security?

A hub has no intelligence: it repeats incoming electrical signals out every port. In the simulation, when Harry pings Ron through a hub, the hub broadcasts the frame to all connected devices. Even though non-target devices typically ignore frames not meant for them, the traffic still reaches them, creating unnecessary exposure. That “everyone hears everything” behavior is exactly what makes hub-based networks less secure and more chaotic than switch-based networks.

What exactly is the CAM table, and how does it get populated?

The CAM table (content addressable memory) is the switch’s internal mapping of MAC addresses to switch ports. It gets populated when a device sends a frame: the switch reads the frame’s source MAC address and records which port that source MAC arrived on. Later, when another frame arrives, the switch uses the destination MAC address to forward the frame to the correct port.

Which address does a switch use to populate the CAM table—source or destination?

A switch uses the source MAC address to populate the CAM table. The logic is straightforward: the source MAC identifies the device that sent the frame, and the switch can associate that device’s MAC with the port where the frame came in.

Which address does a switch use to make forwarding decisions—source or destination?

A switch uses the destination MAC address to make forwarding decisions. When a frame arrives, the switch looks up the destination MAC in its CAM table and forwards the frame out the port mapped to that destination. It does not use IP addresses for this decision because switches are Layer 2 devices.

Why doesn’t a switch use IP addresses (Layer 3) like it does MAC addresses (Layer 2)?

A switch can’t interpret Layer 3 IP addressing for forwarding because it operates at Layer 2. In the Packet Tracer ping examples, the ping uses IP addresses (like 10.1.1.2), but the switch forwards based on MAC addresses found in the Ethernet frame. When Layer 3 appears in the simulation, it’s relevant to the endpoints, not to the switch’s forwarding logic.

How is an access point different from a switch in how it handles traffic?

An access point connects to the switch via Ethernet, but the wireless portion behaves more like a hub. In the simulation, when a wireless client sends a ping, the access point ultimately broadcasts the frame to wireless clients rather than delivering only to the single intended station. That increases unnecessary traffic on the wireless segment and can contribute to congestion.

Review Questions

  1. In a switch-based network, what information must the switch learn first in order to forward a frame only to the correct port?
  2. During a ping, which OSI layer’s addressing does the switch rely on for forwarding decisions, and why?
  3. What does the CLI command show mac-address-table reveal, and how does that relate to the CAM table?

Key Points

  1. 1

    Switches forward frames using MAC addresses at Layer 2, not IP addresses at Layer 3.

  2. 2

    Hubs repeat incoming signals out every port, which causes unnecessary traffic and broader visibility.

  3. 3

    A switch learns MAC-to-port mappings by recording the source MAC address from incoming frames into its CAM table.

  4. 4

    Forwarding decisions use the destination MAC address to send traffic only to the port where the destination device resides.

  5. 5

    The CLI command show mac-address-table lets you verify the switch’s learned CAM table entries.

  6. 6

    Wireless access points connect to switches via Ethernet but often broadcast frames over Wi‑Fi in a hub-like way, increasing unnecessary traffic.

  7. 7

    Layer 1 is the physical electrical signaling; Layer 2 uses frames; Layer 3 uses IP addresses for endpoint communication.

Highlights

A hub broadcasts traffic to every port; a switch forwards only to the correct port by using MAC address lookups.
The CAM table (content addressable memory) is the switch’s “brain,” built from source MAC addresses and used with destination MAC addresses.
Switches are Layer 2 devices: they can’t base forwarding on IP addresses even when pings use IPs.
show mac-address-table exposes the switch’s learned MAC-to-port mappings.
Access points extend switching to wireless, but the wireless segment can behave more like a hub by broadcasting frames to multiple clients.

Topics

  • Switch vs Hub
  • CAM Table
  • MAC Addressing
  • OSI Layers 1-3
  • Packet Tracer Labs

Mentioned

  • Cisco Packet Tracer
  • Boson Software
  • Boson NetSim
  • CCNA
  • CCNP
  • CLI
  • CAM
  • OSI
  • MAC
  • IP
  • Wi-Fi

Get summaries like this for any content

Videos, articles, research papers — all summarized by AI and searchable in one place.

Start building your library