Mastering Ethernet: Key Switch Features, Standards, and VLAN Essentials

Switch Fundamentals

Network switches operate at the OSI Data Link Layer (Layer 2) and forward Ethernet frames based on MAC addresses. They are full‑duplex devices, meaning separate transmit and receive paths allow simultaneous sending and receiving.

Relevant IEEE 802.3/802.1 Standards

802.3 – Original Ethernet

802.3u – Fast Ethernet (100 Mbps) and Auto‑Negotiation

802.3ab – Gigabit Ethernet over unshielded twisted pair (1000BASE‑TX)

802.3z – Gigabit Ethernet over fiber or copper (1000BASE‑X)

802.3x – Flow‑control (Pause frames and back‑pressure)

802.1X – Port‑based network access control

802.1q – VLAN tagging (IEEE 802.1Q)

802.1p – Priority‑based traffic class

802.1d – Spanning Tree Protocol (STP)

Data Link Layer Operations

The Data Link Layer ensures error‑free transmission of frames by using frame checksums, flow‑control mechanisms, and optional retransmission. Switches learn the source MAC address of each incoming frame and build a MAC‑address table that maps MACs to physical ports.

Duplex and Flow Control

Full‑duplex switches maintain separate physical channels for transmit and receive, eliminating collisions. Flow control follows IEEE 802.3x: when a downstream port’s buffer approaches capacity, the upstream device receives a Pause frame and temporarily stops sending traffic. In half‑duplex environments, back‑pressure is simulated by generating a false collision signal to throttle the sender.

MAC and IP Addressing

MAC addresses are 48‑bit globally unique identifiers assigned to network interface cards; they are used only within the local Ethernet segment. IP addresses are 32‑bit (IPv4) or 128‑bit (IPv6) identifiers that enable routing across internetworks.

Auto‑Negotiation and Line Rate

Auto‑Negotiation (IEEE 802.3u) allows a switch and a connected device to select the highest common speed and duplex mode in the order: 100 Mbps full‑duplex → 100 Mbps half‑duplex → 10 Mbps full‑duplex → 10 Mbps half‑duplex. The theoretical maximum forwarding speed of a switch is called the line rate.

Broadcast‑Storm Control and Trunking

Broadcast‑storm control monitors the number of broadcast frames received on a port. When a configurable threshold is exceeded, excess broadcasts are dropped to protect bandwidth. Trunk ports aggregate multiple physical links into a single logical high‑bandwidth channel, typically using IEEE 802.1Q tagging.

VLAN Fundamentals

Virtual LANs create separate broadcast domains independent of physical cabling. Devices in the same VLAN can communicate directly; inter‑VLAN traffic requires a Layer 3 router or a Layer 3 switch.

Port‑based VLAN – membership defined by the physical port.

Tag VLAN – uses IEEE 802.1Q tags (VID) to identify VLANs on trunk links.

VID – VLAN Identifier, a 12‑bit field carried in the Ethernet frame.

MTU VLAN – optional per‑VLAN MTU configuration to limit maximum frame size.

MAC Address Table Management

MAC‑address aging : Dynamically learned entries expire after a configurable aging time if no frames are seen from that MAC.

Static MAC table : Manually configured MAC‑to‑port bindings that never age out (also called MAC address bindings).

MAC filtering : Blocks frames destined for prohibited MAC addresses, enhancing security.

Dynamic MAC address binding : Limits the number of MAC addresses a port may learn; additional addresses are ignored until the limit is raised or the switch is rebooted.

Port security : When enabled, the port stops learning new MACs and forwards only frames from the allowed MAC list. Disabling the feature restores normal learning.

Port Bandwidth Control and Monitoring

Ingress/egress rate limiting can be applied per port to enforce bandwidth policies.

SPAN (Switched Port Analyzer) copies traffic from a source port or VLAN to a monitoring port for analysis with packet‑capture tools.

Cable detection tests the integrity of attached twisted‑pair cables and reports faults.

Network Management Protocols

SNMP (Simple Network Management Protocol) operates at the application layer (OSI 7) and provides remote monitoring and configuration of switches.

IGMP (Internet Group Management Protocol) and IGMP snooping allow switches to forward multicast traffic only to ports with interested receivers, reducing unnecessary bandwidth consumption.

Spanning Tree and 802.1X Authentication

IEEE 802.1d Spanning Tree Protocol automatically disables redundant links to prevent loops; if the primary link fails, STP re‑enables a backup link. IEEE 802.1X provides port‑based authentication using a client (supplicant), an authenticator (the switch), and an authentication server (e.g., RADIUS).

Mainframe Interfaces: ESCON and FICON

ESCON (Enterprise Systems Connection) is an IBM‑proprietary fiber‑optic interface supporting 3–10 km distances and offering 8–16 ports per director. It provides half‑duplex serial communication that replaced parallel SCSI on mainframes.

FICON (Fiber Connection) builds on Fibre Channel technology, delivering full‑duplex operation and up to eight times the throughput of a single ESCON channel. Because of higher speed and industry‑standard compatibility, FICON has largely superseded ESCON.

Supported Mainframe Models

IBM z900 / z800

IBM 9672 G5 / G6

Hitachi GX 8000 (partial support)

Vendor Storage Implementations

EMC Symmetrix, DMX, VMAX series

HPE XP Storage series

Hitachi Lightning

IBM Enterprise Storage Server (Shark)

IBM Storage DS8000 (and DS6000)

Sun StorageTek SVA

INFINIDAT InfiniBox

Oracle StorageTek SL3000, SL8500

Cisco MDS 9000 series

EMC Connectrix (Brocade or Cisco manufactured)

IBM i Storage Connectivity

IBM i runs on PureSystems, Power servers, and AS/400 platforms. PureSystems support four operating systems (AIX, IBM i, Linux, Windows), five hypervisors (Hyper‑V, KVM, PowerVM, VMware, Xen), and two CPU architectures (Power, x86).

PowerVM provides a Virtual I/O Server (VIOS) with two virtual adapters:

Virtual SCSI (vSCSI) – presents virtual SCSI targets to guest partitions.

Virtual Fibre Channel (NPIV) – enables multiple virtual Fibre Channel ports per physical HBA.

IBM i storage access methods include:

Direct connection to Ethernet switches.

VIOS vSCSI.

VIOS NPIV.

SVC Attach (direct connection to IBM SAN Volume Controller).

IBM and EMC are the primary vendors that support all four access methods and provide the necessary multipathing and advanced features for IBM i.

LinuxONE and z Systems Interfaces

IBM LinuxONE and z Systems mainframes primarily use Fibre Channel Protocol (FCP) for storage. Z/OS relies on FICON, while Z/Linux and Z/VM use FCP over the same physical links. FICON interfaces are compatible with FCP, allowing flexible deployment of storage solutions across IBM mainframe operating environments.

Code example

IBM i操作系统的存储对接方式，主要包括接连/交换机连接，VIOS (vSCSI)，VIOS (NPIV)和SVC Attach (通过SVC相连)。目前全支持这四种方式的厂商主要是IBM和EMC(高端存储)。因为与IBM i 通信，需开发存储SCSI部分私有页以及修改LUN部分属性，需要支持 IBM i OS 多路径和其他高级特性。
IBM的IBM LinuxONE大型机和中型机IBM i/AS400主要支持FCP接口。IBM LinuxONE和z Systems大型机硬件里面的OS主要是Z/Linux、Z/vm和 Z/OS(如OS390)。
LinuxONE是IBM z Systems的演进，但相比Z要开放一些， Z/OS主要用的协议是FICON协议，Z/Linux和Z/vm主要采用的是FCP协议(FICON接口一般通用，可支持FCP协议)。