Hubs, Bridges and Switches

Hubs, Bridges and Switches are the core networking devices that provide the functionality of basic networking between the nodes. Each of these devices marks the evolution in networking technology.

Ethernet is the main layer 2 technology used in LAN networks. It suffers, however, by two problems.

  1. Distance
  2. Collisions

Hubs were designed to overcome the distance constraint whereas Bridges and Switches to solve the collision problem.


Hubs were the primary networking devices in 1980s. Hubs were introduced to overcome the distance limitation inherent in the Ethernet technology.

Distance Limitations in Ethernet

For example the widely used unshielded twisted pair (UTP) cabling, the 10BaseT standard has a distance limitation of 100 meters beyond which the signal suffers attenuation, loosing its strength. One solution is to use a physical layer repeater along path to amplify the signal and to deal with noise and signal strength issues.

With 10BaseT, a hub, a multiport physical layer repeater, is used to perform the same function as the repeater. A hub takes a signal received on one interface and repeats it across all the other active interfaces. The main problem with a hub is that if the signal is bad, the hub repeats the bad signal: bad in, bad out.


  • are Layer-1 (physical layer)  devices.
  • mirror the traffic onto all the other ports.
  • don’t have intelligence to process the frames.
  • prove to be a security risk since the traffic flows out of every port.
  • make up one collision domain, meaning all the devices connected to the hub are affected by the collisions.
  • form one broadcast domain, meaning all the devices connected to the hub receive the broadcast.
  • only one device can send or receive a frame (Half-duplex).


Bridges came along to solve the problem of collisions, the result of the mechanism called CSMA/CD with which Ethernet operates.

CSMA/CD (Carrier Sense Multiple Access/Collision Detection) embodies the working principle of Ethernet.

Carrier Sense : The nodes listen on the media for a predetermined interval before placing the frame.

Multiple Access : The media gets shared among multiple nodes.

Collision Detection : Since multiple nodes share the same physical media, the nodes may sense the wire and simultaneously send their traffic. This results in collision of frames. When a collision occurs, the nodes involved in the collision need to create a JAM signal and back off a random time interval before sending again.

Of course, the more devices present, the more likely that the “random” time interval they choose is the same as another device, thereby creating even more collisions, greatly slowing down a device’s access when trying to transmit data. On top of this, high-performance PCs, network-based applications, and high-bandwidth applications such as video can create even more contention for access to a wire.

Collision Domain : A collision domain basically includes all the devices that share a media type at Layer-1 of the OSI Reference Model — such as all the devices on a single strand of 10Base5 or 10Base2 cabling or all the devices connected to a hub or hubs. In a collision domain, each device on the segment will experience the effects of the collisions. The more the devices on the segment, the more likely it is that collisions will create bandwidth problems for these devices. This is not to say that collisions are bad — it’s just that collisions are part of how Ethernet functions.

Bridges were originally designed to solve collision and bandwidth problems. Each port connected to a bridge is a separate collision domain. When a frame is pulled into a port on a bridge, the bridge checks the frame’s field checksum sequence (FCS), and if the FCS is valid, the frame is forwarded out of a destination port or ports.

Basically, the bridge is creating the illusion that all physical segments to which it is connected are actually one large logical segment. All the devices connected to this logical segment are in the same broadcast domain — this makes sense because bridges flood broadcasts. Note that if the network is experiencing problems of large amounts of broadcasts, bridges will not solve the problems.

Physically bridges look similar to hubs, except they come with a small number of ports — 2 to 6.

Bridges perform three main functions.

  1. Learning function
  2. Forwarding function
  3. Layer 2 Loop prevention through STP (Spanning Tree Protocol)

Learning Function

Bridge learns which devices are connected to which of its ports. It then uses this information to switch frames intelligently. When a bridge receives a frame, it reads the source MAC address in the frame and compares it to a local MAC address table, called port address table. If the address is not already in this table, the bridge adds the address and the port identifier or number on which the frame was received. If the address is already in the table, the bridge resets the timer for the table entry. Entries in the table remain there as long as the bridge sees traffic from them; otherwise, the bridge ages out the old entries to allow room for newer ones.

Forwarding Function

The second function of a bridge is to forward traffic intelligently. To do this, the bridge uses the port address table to help it find where destinations are located. When a frame is received on a port, the bridge first performs its learning function and then performs its forwarding function. The bridge examines the destination MAC address in the frame header and looks for a corresponding entry in the port address table. If the bridge finds a matching entry, the bridge forwards the frame out of the specified port. If the port is the same port on which the frame was received (the source and destination are connected to the same port), the bridge drops the frame. If the bridge doesn’t find an entry, or if the destination MAC address is a broadcast or multicast address, the bridge floods the frame out all of the remaining ports.

Note that three types of traffic are always flooded: unknown unicast addresses, broadcasts, and multicasts.


Removing Loops

The third function of a bridge is to remove layer 2 loops. To see the problem that layer 2 loops can cause, consider the following diagram.

Layer 2 loops and Redundancy

One advantage of using two bridges to connect two segments together, as shown in the above diagram, is that it creates redundancy. But these loops also create problems. For instance, a bridge always floods traffic that has a destination address that is an unknown unicast, a broadcast, or a multicast address. And this traffic will continually circle around the loop — possibly forever. For example, in the diagram, assume a PC generates a broadcast on Segment 1. When BridgeA and BridgeB receive the broadcast, they flood it out all of their remaining ports. This means that the same broadcast will appear twice on Segment 2. Each bridge sees the other’s broadcast on Segment 2 and forwards this back to Segment 1. This process will go on ad infinitum. This process not only wastes bandwidth on our LAN segments but also affects the CPU cycles of all devices on these segments, since all NICs will accept the broadcast and pass it up the protocol stack for further processing.

STP (Spanning Tree Protocol) is employed to remove loops in the layer 2 network. When STP runs, one of the ports of the bridges in the loop is disabled in software. In the figure, this is the port on BridgeB that is connected to Segment 2. Any user traffic is ignored if it is received on this port and is not forwarded out of this port. Going back to our broadcast example, if a PC on Segment 1 generated a broadcast, both bridges, again, would receive it. BridgeA would flood the broadcast to Segment 2, but BridgeB would not, since the port is in a blocked state.


  •  are Layer-2 (data link) devices.
  • learn the MAC addresses and map them to the interface number in its port address table.
  • forward frames only to the node specified in the destination MAC address field of the frame header.
  • connect multiple physical network segments.
  • split the collision domain. Number of ports is equal to the number of collision domains.
  • encompass a single broadcast domain.
  • supports Half-duplex, meaning a device can send or receive at any given point in time.
  • are implemented in software and the switching throughput is poor.
  • perform learning function, forwarding function and loop prevention using STP.



Switches are bridges with superman powers. All the characteristics of bridges hold true of switches. Switches, like bridges, operate at the data link layer. The three main functions of a bridge are also true of a switch: they learn, forward, and remove loops.

The superman powers come from ASICs (Application Specific Integrated Circuits). ASICs are specialized processors built to perform very few specific tasks. Because they do only a few things, ASICs are much more cost-effective than a generic processor, such as the one in your PC. Switches make their switching decisions in hardware by using ASICs.

Bridge and Switch comparison

Perhaps the biggest difference between the bridges and switches is performance. Bridges
switch frames in software, providing a frame rate between 10,000 and 50,000 frames per
second (fps). Switches, on the other hand, perform their switching in hardware, using  ASICs. ASICs are specialized processors, and in the switching world, they are built to do
one thing: switch frames very, very fast. As an example, the Catalyst 2960 switch has a frame rate of 2.7 million fps, which is more than 50 times faster than the fastest bridge! Note that the 2960 is a low-end switch; Cisco’s Catalyst 6500 has a rate of 400 million fps!


CCNA Study Guide | Richard Deal

About Deepak Devanand

Seeker of knowledge
This entry was posted in Switching, Uncategorized and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s