An Ethernet switch connects devices on a local network and intelligently directs data only to the device that needs it. Unlike older network hubs, which blindly copied every signal to every port, a switch learns which devices are plugged into which ports and uses that information to send data along the most direct path. This simple principle is what makes modern wired networks fast and efficient.
Learning Where Devices Are
The core job of a switch is maintaining an internal lookup table that maps each connected device to a specific physical port. It builds this table automatically, with no configuration required, by watching the traffic that flows through it.
Every piece of data traveling across a network is wrapped in a structure called a frame. Each frame carries two key identifiers: the source address (who sent it) and the destination address (who should receive it). These addresses are hardware-level identifiers burned into every network card, called MAC addresses. When a frame arrives at the switch, the switch reads the source MAC address and records which port that frame came in on. If the address is new, it gets added to the table. If it already exists on a different port (maybe you unplugged a laptop and moved it), the switch updates the entry.
These table entries don’t last forever. Most switches automatically clear an entry after five minutes of inactivity, keeping the table current as devices come and go. Over the course of normal network activity, the switch quickly learns the location of every active device without anyone lifting a finger.
How Frames Reach the Right Device
Once the switch has its table, forwarding is straightforward. A frame arrives, and the switch checks the destination MAC address against its table. If there’s a match, the frame goes out through that one specific port and nowhere else. The other ports never see it, which keeps bandwidth free for other conversations happening at the same time.
If the destination address isn’t in the table yet (because that device hasn’t sent anything recently), the switch floods the frame out of every port except the one it arrived on. This is a temporary fallback. As soon as the unknown device replies, the switch learns its location and future frames go directly to the correct port. Broadcast frames, ones addressed to every device on the network, always get flooded to all ports. This is normal and necessary for certain network functions like device discovery.
Why Switches Replaced Hubs
The predecessor to the switch was the hub, and the difference is dramatic. A hub is electrically simple: any signal that arrives on one port gets repeated to all other ports. Every device shares the same communication channel, which means only one device can transmit at a time. If two devices send data simultaneously, the signals collide, both transmissions fail, and both devices have to wait and retry. The more devices you add, the worse the congestion gets.
A switch eliminates this problem by giving each port its own independent collision domain. Port 1 can exchange data with port 5 at the same time port 3 is exchanging data with port 8, all without interference. This is why adding more devices to a switch doesn’t degrade performance the way it does with a hub.
Switches also enable full-duplex communication, meaning a device can send and receive data simultaneously on the same cable. Hubs are limited to half-duplex, where devices take turns. Full-duplex effectively doubles the usable bandwidth of each connection. A gigabit port in full-duplex mode can handle 1 Gbps in each direction at the same time.
Store-and-Forward vs. Cut-Through
Switches use one of two main methods to handle frames internally, and the choice affects speed and reliability.
In store-and-forward mode, the switch waits until it has received the entire frame, checks it for errors, and only then sends it to the destination port. If the frame is corrupted, the switch drops it instead of passing the problem along. This is the safer approach, though it adds a small amount of delay because the switch must receive every last byte before forwarding begins.
In cut-through mode, the switch reads just enough of the frame to identify the destination address (which sits near the very beginning), then immediately starts forwarding it before the rest of the frame has even arrived. This dramatically reduces latency, which matters in environments like financial trading floors or real-time video production. The tradeoff is that corrupted frames get forwarded along with good ones, since the switch never inspects the full frame.
Most modern switches default to cut-through mode. When there’s a speed mismatch between ports (say, data arriving on a slower port heading to a faster one), the switch may automatically fall back to store-and-forward for those particular frames.
The Switching Fabric Inside
Inside the switch, a high-speed internal pathway called the switching fabric connects all the ports to each other. Think of it as an internal highway system. The total capacity of this fabric determines how much data the switch can move simultaneously across all its ports.
A well-designed switch has enough internal bandwidth to handle every port running at full speed in both directions at once. This is called non-blocking, meaning no port ever has to wait for internal resources. If a 24-port gigabit switch is truly non-blocking, its switching fabric handles at least 48 Gbps (24 ports times 1 Gbps times two directions). Cheaper switches sometimes cut corners here, which can create bottlenecks during heavy use even if the individual port speeds look impressive on paper.
Layer 2 vs. Layer 3 Switches
A standard Ethernet switch operates at Layer 2 of the networking stack, meaning it makes all its decisions based on MAC addresses. It’s fast and requires minimal setup, but it has a limitation: it can only move data between devices on the same local network segment. If you need traffic to travel between different subnets or VLANs (virtual network segments), a standard Layer 2 switch can’t do it alone. You’d need a router.
Layer 3 switches blur the line between switches and routers. They maintain both a MAC address table and a routing table with IP addresses, so they can forward traffic within a local network like a regular switch and also route traffic between different subnets. This makes them common in larger offices and data centers where you want the speed of switching combined with the flexibility of routing in a single device. They cost more, but they reduce the need for separate routers inside the network.
Managed vs. Unmanaged Switches
An unmanaged switch is plug-and-play. You connect cables, and it starts forwarding frames. There’s no configuration interface, no settings to adjust. For a home network or a small office, this is usually all you need.
Managed switches add a layer of administrative control. You can create VLANs to segment your network so that, for example, guest Wi-Fi traffic stays completely separate from your internal systems. Quality-of-service settings let you prioritize certain types of traffic, like video calls over file downloads. Port mirroring copies traffic from one port to another for monitoring or troubleshooting. You also get remote management, so an IT team can configure and monitor the switch from anywhere. These features matter as networks grow larger and more complex.
Power Over Ethernet
Many modern switches can deliver electrical power through the same Ethernet cables that carry data, eliminating the need for separate power adapters on devices like security cameras, wireless access points, and VoIP phones. This feature follows a set of standards with increasing power levels:
- PoE (802.3af): Up to 15.4 watts per port, enough for basic IP phones and simple cameras.
- PoE+ (802.3at): Up to 30 watts per port, supporting pan-tilt-zoom cameras and more demanding access points.
- PoE++ (802.3bt): Up to 60 watts per port for devices like video conferencing systems, or up to 90 watts (with a theoretical maximum of 100 watts) for high-power devices like digital signage displays or laptop docking stations.
The switch automatically detects whether a connected device needs power and negotiates the correct wattage level, so you won’t damage devices that aren’t designed for PoE.
Port Speeds and Multi-Gigabit
Most switches today offer gigabit (1 Gbps) ports, which is plenty for typical office tasks. For higher-demand environments, 10-gigabit switches are available but have traditionally required expensive Cat 6a cabling.
Multi-gigabit standards, finalized in 2016, fill the gap. Switches with 2.5 Gbps and 5 Gbps ports can run at those faster speeds over the same Cat 5e or Cat 6 cabling already installed in most buildings, at distances up to 100 meters. This is particularly useful for feeding high-performance Wi-Fi access points, which can easily saturate a 1 Gbps uplink. You get a meaningful speed boost without rewiring anything.