A network switch is a device with multiple physical ethernet ports between which frames are forwarded according to the specific rules the switch has been configured with.
The most basic scenario would be an unmanaged switch with a single broadcast domain – in such a setup the switch would learn which MAC addresses can be found behind which ports and when it receives a frame for a given MAC address, it forwards the frame to the given port.
These days this basic functionality can be accomplished by a single chip which is called a “Switch fabric” (e.g. BCM5670, BCM5690) which then uses a PHY to send the frames over a wire (or any other medium). For more complex features like RSTP or VLANs you need something which dynamically manages the switch fabric.
In the case of our COTS switches this is usually a simple CPU (e.g. MPC8245) with an accompanying operating system (VxWorks, proprietaryLinux variants).
What does actually happen inside a switch?
When you power on a switch, the CPU loads a bootloader containing architecture-specific initialization code, a filesystem driver and instructions which then locate, load and execute an image (“firmware”) which contains the operating system of the switch.
The operating system then reads the configuration of the switch (usually stored on a local flash area) and initializes the switch fabric according to these rules (VLANs, Port speeds, MAC filters, Port Security, etc.).
The OS then sets up hooks for specific frames which should be handled by the CPU, e.g. STP updates, 802.1x authentication, LLDP messages and so on.
When all initialization has completed, the switch is ready for operation. All the heavy lifting (frame pushing) is done completely by the Switch Fabric, the complex things are handled by the Operating System which runs on the CPU.
etherhack 
Leave a comment