Layer 2 Switches – How to Route Based on MAC When Daisy-Chained

layer2, routing, switch

Trying to think about this from a hardware design perspective, if I had to design an FPGA or a uC or something to manage a single port being the gateway port and one or more switched ports for routing, with the guarantee that one port == one neighbor and thus one MAC address to route, then it'd be as simple as storing a single MAC address for each port in the firmware's memory and switching/dropping packets based on which MACs I know of.

However, how does it work when there is an arbitrary number of 'neighbors' downstream from a port, i.e. when a port is connected to another layer 2 switch? Would I theoretically have to keep a whole list of known neighbors at that port? That means some arbitrary limit of downstream nodes I could keep track of. Since MACs are not prefix-based (like IP addresses are), doing the typical CIDR masking wouldn't be sufficient.

Further, if it was just a catch-all "forward packets destined for any unknown MAC to the next hop", then it'd mean potentially flooding all ports with any unknown packets, wouldn't it?

How does this work in reality? Is there something obvious I'm missing with how layer 2 switching works in such a topology?

Best Answer

Switches are self-learning bridges: they inspect each incoming frame for its source MAC address and store that address with the ingress port in their source-address or MAC table.

Any MAC address can only be associated with a single port, but each port can be associated with any number of MAC addresses (except for really ancient switches), up to the maximum supported number.

On hardware switches, the MAC table is implemented using content-addressable memory (CAM), so that the port association is located in a single lookup step.

When a frame is received on any port, its source MAC address is used to update the MAC table. Its destination address is looked up in the MAC table and the frame is forwarded out the port indicated by the table entry. If the address cannot be found, the switch mimics a repeater hub and floods the frame out of all ports but the ingress one.

"with the guarantee that one port == one neighbor"

That is an assumption only true for edge ports, and not normally taken by any switch in its default configuration.

Accordingly, you can connect switches any which way - a chain, a tree, or even in a ring when you provide means to avoid the resulting bridge loop (most commonly a spanning tree protocol).

Technically, a tree is usually the most efficient and resilient way to connect Ethernet switches.


https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4
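
The learn-then-forward behaviour described in the answer, as an added C sketch that is not part of the original post or any vendor's firmware: a bounded MAC table where many addresses can sit behind one port, and where frames to an address that is not in the table are flooded. The table size, the names and the MAC addresses are assumptions made up for illustration; entry aging and VLANs are left out, and the linear search stands in for the CAM lookup.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define TABLE_SIZE 4   /* assumed capacity; hardware tables hold thousands */
#define FLOOD  (-1)    /* send out of every port except the ingress port */
#define FILTER (-2)    /* destination sits behind the ingress port: drop */
struct entry { uint8_t mac[6]; int port; int used; };
struct sw { struct entry table[TABLE_SIZE]; };

static struct entry *lookup(struct sw *s, const uint8_t *mac) {
    for (int i = 0; i < TABLE_SIZE; i++)   /* a CAM does this in one step */
        if (s->table[i].used && memcmp(s->table[i].mac, mac, 6) == 0)
            return &s->table[i];
    return NULL;
}

/* Record source MAC -> ingress port; returns 0 when the table is full. */
static int learn(struct sw *s, const uint8_t *src, int port) {
    struct entry *e = lookup(s, src);      /* known MAC: just update its port */
    for (int i = 0; !e && i < TABLE_SIZE; i++)
        if (!s->table[i].used) e = &s->table[i];
    if (!e) return 0;
    memcpy(e->mac, src, 6); e->port = port; e->used = 1;
    return 1;
}

/* Handle one frame: returns the egress port, FLOOD or FILTER. */
int switch_rx(struct sw *s, int in_port, const uint8_t *dst, const uint8_t *src) {
    learn(s, src, in_port);
    if (dst[0] & 1) return FLOOD;          /* broadcast/multicast group bit */
    struct entry *e = lookup(s, dst);
    if (!e) return FLOOD;                  /* unknown unicast */
    return e->port == in_port ? FILTER : e->port;
}

/* How many learned MACs point at one port (e.g. a downstream switch). */
int macs_on_port(const struct sw *s, int port) {
    int n = 0;
    for (int i = 0; i < TABLE_SIZE; i++)
        n += s->table[i].used && s->table[i].port == port;
    return n;
}

int main(void) {
    struct sw s = {0};
    uint8_t a[6] = {2,0,0,0,0,1}, b[6] = {2,0,0,0,0,2};  /* constructed MACs */
    int r1 = switch_rx(&s, 0, b, a), r2 = switch_rx(&s, 1, a, b);
    printf("a->b: %d (flood), b->a: port %d\n", r1, r2);
    return 0;
}
```

Once the table is full, new source addresses are not learned, so frames addressed to them keep being flooded to every port.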