Understanding Layer‑2 vs Layer‑3 Switches: Features, VLANs, and Configuration Guide

Introduction

The OSI reference model defines Layer 2 (Data Link) and Layer 3 (Network) functions. This guide explores the characteristics, working principles, and practical applications of Layer‑2 and Layer‑3 switches, focusing on MAC‑based forwarding, IP‑based routing, ARP, broadcast domains, and VLAN segmentation.

Layer‑2 vs Layer‑3 Switch Operation

Layer‑2 Switch : Learns MAC addresses from incoming frames, stores them in an internal address table, and forwards frames based on MAC without using routing algorithms.

Layer‑3 Switch : Forwards packets based on destination IP addresses, follows routing algorithms, and can route between different VLANs or subnets.

ARP Process for MAC Learning

When a host (e.g., PC1) needs to communicate with another host (PC2) for the first time, it knows PC2’s IP but not its MAC. The switch broadcasts an ARP request (excluding the port where PC1 is connected). PC2 replies with its MAC, allowing the switch to update its MAC table. Subsequent traffic is forwarded directly using this table.

Collisions and Broadcast Domains

Collisions occur when multiple hosts transmit simultaneously on the same segment, forcing retransmissions and degrading performance.

A broadcast domain is the set of devices that receive a broadcast frame. Using many switches expands the broadcast domain, potentially leading to broadcast storms.

VLAN Technology

VLANs logically separate broadcast domains without physical rewiring, improving flexibility and security. Two methods to isolate broadcast domains are physical segmentation and logical segmentation (VLANs). VLANs allow devices to communicate as if they are on the same subnet regardless of physical location.

VLAN Configuration Commands

Enter global configuration mode: Switch(config)# Create VLAN 10: Switch(config)# vlan 10 Exit VLAN configuration: Switch(config-vlan)# exit Select interface Fa0/1: Switch(config)# interface fa0/1 Set access mode: Switch(config-if)# switchport mode access Assign VLAN to the access port:

Switch(config-if)# switchport access vlan 10

Layer‑2 Switch Characteristics and Applications

Acts as a bridge, connecting devices within a LAN.

Uses MAC address tables to forward frames efficiently.

Can segment large LANs into smaller VLANs for better performance.

Typical use cases: campus access layer, internal communication without routing.

Layer‑3 Switch Characteristics and Applications

Performs static and dynamic routing (e.g., RIP, OSPF) between VLANs.

Combines high‑speed switching with routing capabilities, often faster than traditional routers.

Supports QoS classification based on IP/subnet information.

Handles high bandwidth (10 Gbps+) and provides secure inter‑VLAN paths.

Commonly deployed in data centers, core network layers, and large campus backbones.

Inter‑VLAN Routing Example

In a university network, PCs in different VLANs (e.g., faculty and student VLANs) cannot communicate directly. A Layer‑2 switch learns MAC addresses, but a Layer‑3 switch uses IP routing to forward traffic between VLAN 10 and VLAN 20, enabling cross‑VLAN communication.

Summary of Differences

Working Layer : Layer‑2 switches operate at the Data Link layer; Layer‑3 switches operate at the Network layer, adding routing capabilities.

Principle : Layer‑2 switches forward based on MAC address tables; Layer‑3 switches first route (IP) then switch.

Functions : Layer‑2 switches cannot assign IP addresses; Layer‑3 switches can configure IPs on VLAN interfaces and route between them.

Typical Deployment : Layer‑2 switches are used in access and aggregation layers; Layer‑3 switches are used in core layers or as aggregation when routing is required.

Supported Protocols : Layer‑2 supports physical and data‑link protocols; Layer‑3 adds network‑layer protocols (IP, ICMP, etc.).