The addition of more nodes increases the demands on the available bandwidth. This also increases the probability of collisions, which results in more retransmissions. A solution to the problem is to break the large segment into parts and separate it into isolated collision domains.

To accomplish this a bridge keeps a table of MAC addresses and the associated ports. The bridge then forwards or discards frames based on the table entries.

All decisions made by a bridge are based on MAC or Layer 2 addresses.

A bridge will divide a collision domain but has no effect on a logical or broadcast domain.

If a network does not have a device that works with Layer 3 addresses, such as a router, the entire network will share the same logical broadcast address space.

A bridge will create more collision domains but will not add broadcast domains.

A switch is essentially a fast, multi-port bridge that can contain dozens of ports. Each port creates its own collision domain.

In a network of 20 nodes, 20 collision domains exist if each node is plugged into its own switch port.

A switch dynamically builds and maintains a content-addressable memory (CAM) table, which holds all of the necessary MAC information for each port.

When only one node is connected to a switch port, the collision domain on the shared media contains only two nodes. The two nodes in this small segment, or collision domain, consist of the switch port and the host connected to it. These small physical segments are called microsegments. 

In a network that uses twisted-pair cabling, one pair is used to carry the transmitted signal from one node to the other node. A separate pair is used for the return or received signal. It is possible for signals to pass through both pairs simultaneously. The ability to communicate in both directions at once is known as full duplex.

In full duplex mode, there is no contention for the media. A collision domain no longer exists. In theory, the bandwidth is doubled when full duplex is used.

In addition to faster microprocessors and memory, two other technological advances made switches possible.

1. CAM allows a switch to find the port that is associated with a MAC address without search algorithms.

2. An ASIC allows some software operations to be done in hardware. These technologies greatly reduced the delays caused by software processes and enabled a switch to keep up with the data demands of many microsegments and high bit rates.

Latency is the delay between the time a frame begins to leave the source device and when the first part of the frame reaches its destination.

A variety of conditions can cause delays:

• Media delays may be caused by the finite speed that signals can travel through the physical media.
• Circuit delays may be caused by the electronics that process the signal along the path.
• Software delays may be caused by the decisions that software must make to implement switching and protocols.
• Delays may be caused by the content of the frame and the location of the frame switching decisions. For example, a device cannot route a frame to a destination until the destination MAC address has been read.

A switch can start to transfer the frame as soon as the destination MAC address is received. This is called cut-through packet switching and results in the lowest latency through the switch. However, no error checking is available.

The switch can also receive the entire frame before it is sent to the destination port. This gives the switch software an opportunity to verify the Frame Check Sequence (FCS). If the frame is invalid, it is discarded at the switch. Since the entire frame is stored before it is forwarded, this is called store-and-forward packet switching.

Fragment-free packet switching reads the first 64 bytes, which includes the frame header, and starts to send out the packet before the entire data field and checksum are read. This mode verifies the reliability of the addresses and LLC protocol information to ensure the data will be handled properly and arrive at the correct destination.

When cut-through packet switching is used,

       the source and destination ports must have the same bit rate to keep the frame intact. This is called symmetric switching.

       If the bit rates are not the same, the frame must be stored at one bit rate before it is sent out at the other bit rate. This is known as asymmetric switching.

Store-and-forward mode must be used for asymmetric switching. 

Asymmetric switching provides switched connections between ports with different bandwidths.

Asymmetric switching is optimized for client/server traffic flows in which multiple clients communicate with a server at once. More bandwidth must be dedicated to the server port to prevent a bottleneck.

When multiple switches are arranged in a simple hierarchical tree, switching loops are unlikely to occur.

Switched networks are often designed with redundant paths to provide for reliability and fault tolerance. 

Redundant paths are desirable but they can have undesirable side effects such as switching loops. Switching loops can occur by design or by accident, and they can lead to broadcast storms that will rapidly overwhelm a network.

STP is a standards-based routing protocol that is used to avoid routing loops.

Each switch in a LAN that uses STP sends messages called Bridge Protocol Data Units (BPDUs) out all its ports to let other switches know of its existence. This information is used to elect a root bridge for the network. The switches use the spanning-tree algorithm (STA) to resolve and shut down the redundant paths.

Each port on a switch that uses STP exists in one of the following five states:

• Blocking
• Listening
• Learning
• Forwarding
• Disabled

A port moves through these five states as follows:

• From initialization to blocking
• From blocking to listening or to disabled
• From listening to learning or to disabled
• From learning to forwarding or to disabled
• From forwarding to disabled

STP is used to create a logical hierarchical tree with no loops. However, the alternate paths are still available if necessary.

Here are some examples of shared media and directly connected networks:

• Shared media environment – if PCs are attached to the same physical wire, they all share the same media environment.
• Extended shared media environment – This is a special type of shared media environment in which networking devices can extend the environment so that it can accommodate multiple access or longer cable distances.
• Point-to-point network environment – This is widely used in dialup network connections and is most common for home users. It is a shared network environment in which one device is connected to only one other device. An example is a PC that is connected to an Internet service provider through a modem and a phone line.

Collisions only occur in a shared environment.

Collision domains are the connected physical network segments where collisions can occur.

Layer 2 and Layer 3 devices break up collision domains. This process is also known as segmentation.

Layer 1 devices such as repeaters and hubs are mainly used to extend the Ethernet cable segments. This allows more hosts to be added. However, every host that is added increases the amount of potential traffic on the network. As more traffic is transmitted within a collision domain, collisions become more likely.

These late collision frames add delay that is referred to as consumption delay. As consumption delay and latency increase, network performance decreases.

The 5-4-3-2-1 rule requires that the following guidelines should not be exceeded:

• Five segments of network media
• Four repeaters or hubs
• Three host segments of the network
• Two link sections with no hosts
• One large collision domain

The 5-4-3-2-1 rule also provides guidelines to keep round-trip delay time within acceptable limits.

One important skill for a networking professional is the ability to recognize collision domains.

Layer 2 devices segment or divide collision domains. They use the MAC address assigned to every Ethernet device to control frame propagation. Layer 2 devices are bridges and switches.

Bridges and switches divide collision domains into smaller parts. Each part becomes its own collision domain.

These smaller collision domains will have fewer hosts and less traffic than the original domain.

If the traffic between bridged segments is not too heavy a bridged network works well. Otherwise, the Layer 2 device can slow down communication and become a bottleneck.

Layer 2 and 3 devices do not forward collisions. Layer 3 devices divide collision domains into smaller domains.

To communicate with all collision domains, protocols use broadcast and multicast frames at Layer 2 of the OSI model.

When a node needs to communicate with all hosts on the network, it sends a broadcast frame with a destination MAC address 0xFFFFFFFFFFFF. This is an address to which the NIC of every host must respond.

Layer 2 devices must flood all broadcast and multicast traffic. The accumulation of broadcast and multicast traffic from each device in the network is referred to as broadcast radiation.

In some cases, the circulation of broadcast radiation can saturate the network so that there is no bandwidth left for application data. In this case, new network connections cannot be made and established connections may be dropped. This situation is called a broadcast storm.

A NIC must rely on the CPU to process each broadcast or multicast group it belongs to. Therefore, broadcast radiation affects the performance of hosts in the network.

The three sources of broadcasts and multicasts in IP networks are workstations, routers, and multicast applications.

Workstations broadcast an Address Resolution Protocol (ARP) request every time they need to locate a MAC address that is not in the ARP table.

As an example, the command telnet mumble.com translates into an IP address through a Domain Name System (DNS) search. An ARP request is broadcast to locate the MAC address. Generally, IP workstations cache 10 to 100 addresses in their ARP tables for about 2 hours. The ARP rate for a typical workstation might be about 50 addresses every 2 hours or 0.007 ARPs per second. Therefore, 2000 IP end stations will produce about 14 ARPs per second.

The routing protocols that are configured on a network can increase broadcast traffic significantly. Some administrators configure all workstations to run Routing Information Protocol (RIP) as a redundancy and reachability policy. Every 30 seconds, RIPv1 uses broadcasts to retransmit the entire RIP routing table to other RIP routers.

If 2000 workstations were configured to run RIP and, on average, 50 packets were required to transmit the routing table, the workstations would generate 3333 broadcasts per second.

Most network administrators only configure RIP on five to ten routers. For a routing table that has a size of 50 packets, 10 RIP routers would generate about 16 broadcasts per second.

Multicasting is an efficient way to send a stream of multimedia data to many users on a shared-media hub. However, it affects every user on a flat switched network. A packet video application could generate a 7-MB stream of multicast data that would be sent to every segment. This would result in severe congestion.

A broadcast domain is a group of collision domains that are connected by Layer 2 devices.

Broadcasts are forwarded by Layer 2 devices.

Broadcasts have to be controlled at Layer 3 since Layers 1 and 2 devices cannot control them.

Broadcast domains are controlled at Layer 3 because routers do not forward broadcasts. 

Routers actually work at Layers 1, 2, and 3. Like all Layer 1 devices, routers have a physical connection and transmit data onto the media. Routers also have a Layer 2 encapsulation on all interfaces and perform the same functions as other Layer 2 devices. Layer 3 allows routers to segment broadcast domains.

Layer 3 forwarding is based on the destination IP address and not the MAC address. For a packet to be forwarded it must contain an IP address that is outside of the range of addresses assigned to the LAN and the router must have a destination to send the specific packet to in its routing table.

Data flow in the context of collision and broadcast domains focuses on how data frames propagate through a network.

Layer 1 devices do no filtering, so everything that is received is passed on to the next segment. Any segments connected by Layer 1 devices are part of the same domain, both collision and broadcast.

Layer 2 devices filter data frames based on the destination MAC address.

A frame is forwarded if it is going to an unknown destination outside the collision domain. The frame will also be forwarded if it is a broadcast, or multicast.

The only time that a frame is not forwarded is when the Layer 2 device finds that the sending host and the receiving host are in the same collision domain.

A Layer 2 device, such as a bridge, creates multiple collision domains but maintains only one broadcast domain.

Layer 3 devices filter data packets based on IP destination address. The only way that a packet will be forwarded is if its destination IP address is outside of the broadcast domain and the router has an identified location to send the packet. A Layer 3 device creates multiple collision and broadcast domains.

Layer 1 is used for transmission across the physical media, Layer 2 for collision domain management, and Layer 3 for broadcast domain management.

In the context of data communication, the following definitions are used:

• Section of a network that is bounded by bridges, routers, or switches.
• In a LAN using a bus topology, a segment is a continuous electrical circuit that is often connected to other such segments with repeaters.
• Term used in the TCP specification to describe a single transport layer unit of information.

If segment is used in the context of TCP, it would be defined as a separate piece of the data.

If segment is being used in the context of physical networking media in a routed network, it would be seen as one of the sections of the total network.