What is a Switch


What is a Switch?

A switch is a networking device used to connect numerous networkable devices together, this can include: PC’s, servers, printers, routers and other switches. A typical consumer grade switch will have either 4 or 8 Ethernet ports, ideal for a small office or business, however, there are larger switches that contain anywhere from 8 to 40 individual Ethernet ports, more commonly found in large organisations with a lot of nodes.

What is a Node?

A node is the name given to any device connected to a network. This can refer to anything connected on the network such as: PC’s, servers or printers, as well as smartphones when referring to a wireless network.


Daisy-Chaining is a term used to describe the connection of multiple devices together in either a line or loop. In relation to switches, multiple switches can be connected using the daisy-chain method.

Example 1: If you had two 8-port switches, you will have 16 ports in total, but 2 of these will be used to connect the switches together.

Example 2: If you have the same two 8-port switches, 2 PC’s and a server, of the 16 ports on both switches you will need: 2 ports to connect the switches together, 2 ports for the PC’s and a final port for the server. This will leave you with 11 spare ports which can be used for future expansion, however, should you have only used a single 8-port switch for this, you would only have 5 ports remaining for future expansion.

To an extent, daisy-chaining switches together is reliable and cost effective to a point, however, this application wouldn’t be suitable for a larger organisation, although some high-end switches perform well in this situation. Daisy-chaining does have its drawbacks, the main areas of concern are Latency and Single Point of Failure.

Latency, Lag & Ping

‘Ping’ is the name given to a signal, typically data, sent from a computer. The receiving computer in turn will send its own signal or ‘ping’ back to the first computer (send and receive).
The time taken to send and receive the ‘ping’ is called Latency. Measured in milliseconds (ms), latency simply measures the time taken to send a signal and receive the response. Typically, latency is affected by a number of aspects, however, a general rule of thumb is that the lower the latency time the better, meaning your connection speed is as fast as possible.

As previously mentioned, latency is not a fixed value and can be affected in a number of ways on the network environment. The fluctuation of the latency time is referred to as lag. Simply speaking, if a computer is experiencing ‘lag’ then its latency time has increased, usually by quite a substantial amount so the user can clearly notice their computer/application performing slower than usual. Network traffic, applications, network design and also sender/receiver distance can all impact latency in various ways.

Single Point of Failure

Stringing numerous switches together is a viable option as stated above, however, it does also present a new risk, being SPoF or Single Point of Failure. SPoF is used to describe a physical or virtual application, machine or device upon which its surrounding environment is structured and without it cannot perform. The term is frequently used in networking to describe a device or service upon which the network is structured or dependant on. An example of this would be an office of 5 computers all sending data to a single data storage server via a switch. In the event the switch breaks and becomes inoperable, the server too becomes useless even though it is working as no users can interact with it. In this case, the switch would be identified as the SPoF.

Typically, most network designers or administrators aim to reduce as many single points of failure as possible when building a network. This may include numerous wires connecting the same devices together ensuring that each line has a backup or even reserve devices such as servers and switches which can either be swapped with faulty devices or also wired into the system to be used in the event of a failure.

Switches, Hubs and Routers

A hub is the most basic of the three networking devices. Although it acts like a switch and router, it performs very simply. When data is received on any port, the hub copies the data and transmits it across all other ports. This may be ideal for connecting a couple of PCs in a small office but is not applicable to larger networks, due to the fact that all ports are sent a copy of all data, which can be a major security risk. A switch is essentially a hub, however, it is more advanced as it can not only manage bandwidth across all ports, but also uses an address system to direct data traffic to specific ports.

Switches use a system called Packet Switching to transfer data across a network. Data that enters the switch is grouped into a ‘packet’. Every packet comprises of 2 parts, the header and payload. The header contains necessary information about the data contained in the payload, for example: the sender, the destination and the packet size. The payload is more straightforward and is simply the data that is being transmitted. In addition, switches utilise layer 2 of the OSI model, this is known as the Data-Link layer and is primarily responsible for node-to-node data transfer, however, it also has 2 sub-layers: MAC and LLC.


The Media Access Control (MAC) sub-layer is responsible for transferring data packets from one network interface card to another across a shared channel. This MAC sub-layer ensures that signals sent from different nodes across the network do not collide during transmission. Logical Link Control (LLC) acts as an interface between the MAC sub-layer and layer 3 of the OSI model, the Network layer, ensuring that data forwarding is done as efficiently as possible.

Switches log and maintain an internal list of MAC addresses for connected devices, it uses these to know what device is on each of its ports. In comparison to a hub, this is a valuable feature and worth investing in as it offers direct communication, whereas hubs send all information to everyone.

However, in comparison to a router, switches are less advanced as they do not feature a firewall or logging capabilities. Typically, switches can only operate as their hardware was manufactured and designed to do so, whereas most routers are software programmable.

Managed and Unmanaged Switches

When referring to switches, the terms managed and unmanaged (also referred to as smart and dumb switches), are a common expression used to describe the type of switch on offer. An unmanaged or dumb switch is a basic form of switch. It is commonly known as Plug and Play, as devices are simply plugged into the switch and they will work. This type of switch is manufactured and shipped with a single configuration and cannot be changed, this is ideal for a small network where monitoring is not a necessity.

A managed or smart switch provides all the same hardware functionality of a unmanaged switch, however it has the added ability of software configuration, ideal for anyone who wants to manage, monitor or configure their local network properties. In addition, managed switches give the added benefit of network traffic control (as described above).

Managed switches have a number of different services available, each is outlined below.

Quality of Service

Quality of Service is a network management tool that allows the prioritisation of network traffic as well as the management of bandwidth. This ensures that data from a particular device is given priority over others or a device is allocated more bandwidth to accommodate its needs, such as large data transfers. This is done by implementing a range of rules against devices or ports connected to the switch.

Simple Network Management Protocol

Simple Network Management Protocol is a widely adopted networking protocol that allows for the monitoring and management of a network to see its performance. This is a key tool to any network administrator as it allows them to flag potential issues as well as attempt to solve issues remotely when they occur.

Virtual Local Area Network

A Virtual Local Area Network (VLAN), allows for the grouping of devices on a network virtually as opposed to physically through cables and various other networking equipment. VLANs have a number of useful abilities including: allowing additional security measures to be applied to network communication, make expansion of the network or relocation of a device on the network simpler and give an added range of flexibility to network administrators as they can configure a range of devices in a centralised location regardless of the device’s physical location. In addition, it can reduce the latency effect and traffic load on the network and network devices increasing performance.


Redundancy in networking is a principle of maintaining a network’s functionality and operability or recovering from the failure of an integral component or system. Redundancy takes the form of either: back up equipment installed on or kept local in relation to the network to be transplanted into it, in the event a device or system goes down. Also, data backups fall under the redundancy criteria with regular backups ensuring that data is kept safe and a clean copy of data can be reinstalled should the main/current version be corrupt, lost or infected.

Port Mirroring

Port Mirroring is a valuable software tool available to network administrators and analysts. It copies all data that is sent into the switch and sends it down a single port, which will ultimately be connected to a PC used by either the network administrator or an analyst who can then review data. This can be used for 2 main purposes: diagnosis and security. In terms of security, by screening or viewing all data sent on a network, harmful or malicious data cannot only be spotted, but also tracked and remove. In terms of diagnosis, it allows the analyst to diagnose network issues without taking the network out of commission, ultimately reducing the downtime for everyone else on the network or part of the network.