47 Routing and Switching

The document provides an overview of routing and switching concepts in networking, detailing the functionalities of data link layer switches, VLANs, and spanning tree protocol. It also covers IP addressing, routing fundamentals, OSPF, BGP, NAT, IPv6, and a troubleshooting methodology for network issues. Each section includes configuration examples and explanations of key protocols and processes used in network management.

Uploaded by

romanovskijv508

Routing & Switching

How data flows through networks — from switches to BGP

IT & Tech Reports | Class IM24A | 2026

1. Data Link Layer — Switching


Layer 2 switches forward Ethernet frames based on MAC addresses. They maintain a MAC address
table (CAM table) that maps MAC addresses to the port they were learned from. When a frame arrives,
the switch looks up the destination MAC and forwards to the correct port. If unknown, it floods to all
ports except the source.

| Operation | Trigger | Action |
| --- | --- | --- |
| Learning | Frame received on a port | Add source MAC + port to CAM table |
| Forwarding | Destination MAC in CAM table | Send frame only to that port |
| Flooding | Destination MAC unknown | Send to all ports except source |
| Filtering | Source and destination on same port | Drop frame (already delivered) |
| Aging | Entry not seen for 300s (default) | Remove from CAM table |
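
The five operations in the table can be traced with a small simulation. This is an added example, not part of the original report; the port numbers, MAC addresses and timestamps are constructed.

```python
AGING_SECONDS = 300  # default aging time from the table above


class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.cam = {}  # MAC address -> (port, time last seen)

    def _age_out(self, now):
        # Aging: drop entries whose source MAC has not been seen for 300 s.
        stale = [m for m, (_, seen) in self.cam.items()
                 if now - seen >= AGING_SECONDS]
        for mac in stale:
            del self.cam[mac]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return (action, list of egress ports)."""
        self._age_out(now)
        self.cam[src] = (in_port, now)      # Learning (also refreshes the timer)
        entry = self.cam.get(dst)
        if entry is None:                   # Flooding: destination unknown
            return "flood", sorted(self.ports - {in_port})
        if entry[0] == in_port:             # Filtering: same port as the source
            return "filter", []
        return "forward", [entry[0]]        # Forwarding: exactly one port


def run_demo():
    # Constructed frames: (ingress port, source MAC, destination MAC, seconds)
    a, b, c = "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:02", "cc:cc:cc:00:00:03"
    frames = [
        (1, a, b, 0),    # b not learned yet
        (2, b, a, 1),    # a was learned on port 1
        (1, a, b, 2),    # b was learned on port 2
        (1, c, a, 3),    # c and a sit behind the same port
        (2, b, a, 400),  # every entry is older than 300 s by now
    ]
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    return [sw.receive(*frame) for frame in frames]


if __name__ == "__main__":
    for result in run_demo():
        print(result)
```
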

2. VLANs — Virtual LANs


VLANs divide one physical switch into multiple logical switches. Frames are tagged with an 802.1Q
VLAN ID (12 bits, giving 4094 usable VLANs). Ports are either access (untagged, belonging to one VLAN) or trunk
(tagged, carrying multiple VLANs).

# Cisco IOS VLAN configuration

Switch# configure terminal

! Create VLANs
Switch(config)# vlan 10
Switch(config-vlan)# name Students
Switch(config)# vlan 20
Switch(config-vlan)# name Staff

! Access port (endpoint device)
Switch(config)# interface GigabitEthernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# spanning-tree portfast ! for edge ports

! Trunk port (to other switches or routers)
! On switches that also support ISL, set the encapsulation before the mode
Switch(config)# interface GigabitEthernet0/24
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20,30

! Verify
Switch# show vlan brief
Switch# show interfaces trunk
Switch# show mac address-table

3. Spanning Tree Protocol (STP)


STP (IEEE 802.1D) prevents Layer 2 loops in networks with redundant paths. Loops would cause
broadcast storms (frames circulating forever, consuming all bandwidth). STP elects a Root Bridge and
blocks redundant paths, leaving only a loop-free tree topology.

| Port state | Description |
| --- | --- |
| Blocking | Does not forward frames; receives BPDUs only — preventing loops |
| Listening | Transitions toward forwarding; sends and receives BPDUs; 15 seconds |
| Learning | Builds MAC table; sends/receives BPDUs; does not forward frames; 15 seconds |
| Forwarding | Normal operation — forwards frames |
| Disabled | Administratively shutdown |

RSTP (802.1w) and MSTP (802.1s) are faster modern alternatives. Cisco's PVST+ runs a separate STP
instance per VLAN. Use PortFast with BPDU Guard on access ports: PortFast skips the 30-second
listening and learning delay, and BPDU Guard disables the port if a BPDU arrives on it.

4. IP Addressing and Subnetting


# IPv4 address: 32 bits = 4 octets
# [Link]/24 = network, /24 = prefix length (24 bits for network)
# Subnet mask /24 = [Link]
# Hosts per subnet: 2^(32-24) - 2 = 254

# Useful subnets
/30 = [Link] → 2 hosts (point-to-point links)
/29 = [Link] → 6 hosts
/28 = [Link] → 14 hosts
/27 = [Link] → 30 hosts
/26 = [Link] → 62 hosts
/25 = [Link] → 126 hosts
/24 = [Link] → 254 hosts (typical LAN segment)
/23 = [Link] → 510 hosts
/22 = [Link] → 1022 hosts
/16 = [Link] → 65534 hosts

# Private address ranges (RFC 1918)
[Link]/8 (10.x.x.x) — large enterprises
[Link]/12 (172.16-31.x.x) — medium networks
[Link]/16 (192.168.x.x) — home/small office

# Subnetting example: divide [Link]/24 into 4 equal subnets
# 4 subnets → 2 bits borrowed → /26 (62 hosts each)
[Link]/26 hosts: .1 - .62, broadcast: .63
[Link]/26 hosts: .65 - .126, broadcast: .127
[Link]/26 hosts: .129 - .190, broadcast: .191
[Link]/26 hosts: .193 - .254, broadcast: .255

5. Routing Fundamentals
Routers operate at Layer 3, forwarding packets between different IP networks based on their routing
table. They make forwarding decisions based on the longest prefix match.

| Routing type | How routes are learned | Examples |
| --- | --- | --- |
| Static routes | Manually configured by admin | ip route [Link]/8 [Link] |
| Dynamic — IGP | Routers exchange routes within an AS | OSPF, EIGRP, IS-IS, RIP |
| Dynamic — EGP | Routes exchanged between autonomous systems | BGP (the internet routing protocol) |
| Connected | Directly connected interfaces | Automatic when interface is up |
| Default route | [Link]/0 — match anything (last resort) | ip route [Link] [Link] GW |
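
The longest-prefix-match decision described at the start of this section, written out as an added example (not part of the original report). The routing table is constructed; `more_specifics` is a hypothetical audit helper that lists narrower routes overriding a broader prefix with a different next hop.

```python
import ipaddress

# Constructed routing table: (prefix, next hop, how the route was learned).
ROUTES = [
    ("0.0.0.0/0",     "192.0.2.254", "static default"),
    ("10.0.0.0/8",    "192.0.2.1",   "static"),
    ("10.20.0.0/16",  "192.0.2.2",   "ospf"),
    ("10.20.30.0/24", "192.0.2.3",   "static"),
]


def build_table(routes):
    """Parse the prefixes and sort them longest prefix first."""
    table = [(ipaddress.ip_network(p), nh, src) for p, nh, src in routes]
    return sorted(table, key=lambda r: r[0].prefixlen, reverse=True)


def lookup(table, destination):
    """Return (prefix, next hop, source) of the most specific matching route."""
    addr = ipaddress.ip_address(destination)
    for net, next_hop, source in table:
        if addr in net:          # first hit is the longest match
            return str(net), next_hop, source
    return None                  # no route at all, not even a default


def more_specifics(table, covering_prefix):
    """Routes inside covering_prefix that send traffic to a different next hop."""
    cover = ipaddress.ip_network(covering_prefix)
    cover_nh = next((nh for net, nh, _ in table if net == cover), None)
    return [(str(net), nh) for net, nh, _ in table
            if net.prefixlen > cover.prefixlen
            and net.subnet_of(cover) and nh != cover_nh]


TABLE = build_table(ROUTES)

if __name__ == "__main__":
    for dst in ("10.20.30.40", "10.20.99.1", "10.1.1.1", "198.51.100.7"):
        print(dst, "->", lookup(TABLE, dst))
    print(more_specifics(TABLE, "10.0.0.0/8"))
```
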

# Static routing (Linux)
ip route add [Link]/24 via [Link] # add route
ip route add [Link]/8 via [Link] dev eth1 # via specific interface
ip route add default via [Link] # default route
ip route del [Link]/24 # remove route
ip route show # view routing table

# Enable IP forwarding (turn Linux into a router)
echo 1 > /proc/sys/net/ipv4/ip_forward
# Persistent: net.ipv4.ip_forward = 1 in /etc/[Link]

6. OSPF — Open Shortest Path First


OSPF is a link-state routing protocol. Every router builds a complete map of the network (LSDB — Link
State Database) and runs Dijkstra's algorithm to calculate the shortest path to each destination. OSPF
converges faster and scales better than RIP.

! OSPF configuration (Cisco IOS)
Router(config)# router ospf 1
Router(config-router)# router-id [Link]
Router(config-router)# network [Link] [Link] area 0
Router(config-router)# network [Link] [Link] area 0
Router(config-router)# passive-interface GigabitEthernet0/1 ! no OSPF on client-facing port

! Verify
Router# show ip ospf neighbor
Router# show ip ospf database
Router# show ip route ospf

| OSPF concept | Description |
| --- | --- |
| Hello packets | Multicast to [Link] every 10s; discover and maintain neighbours |
| DR/BDR election | On broadcast networks; reduces LSA flooding — highest priority/RID wins |
| LSA (Link State Advertisement) | Describes router's links and costs; flooded throughout area |
| SPF algorithm | Dijkstra run on LSDB to compute shortest path tree to all destinations |
| Area 0 (backbone) | All OSPF areas must connect to Area 0; ensures loop-free inter-area routing |
| Cost | Interface bandwidth metric: cost = 10^8 / bandwidth(bps) |
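
The SPF run and the cost formula from the table, as an added example that is not part of the original report. The four-router LSDB and its link speeds are constructed, and the integer cost with a floor of 1 is an assumption matching common router behaviour.

```python
import heapq

REFERENCE_BW = 10**8  # from the table: cost = 10^8 / bandwidth(bps)


def ospf_cost(bandwidth_bps):
    # Assumption: cost is an integer and never below 1, so with this
    # reference bandwidth a 100 Mbit/s and a 1 Gbit/s link both cost 1.
    return max(1, REFERENCE_BW // bandwidth_bps)


def spf(lsdb, root):
    """Dijkstra over the LSDB. Returns {router: (total cost, first hop)}."""
    best = {root: (0, None)}
    heap = [(0, root, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if cost > best[node][0]:
            continue  # stale heap entry, a cheaper path was found already
        for nbr, bandwidth in lsdb[node].items():
            new_cost = cost + ospf_cost(bandwidth)
            hop = nbr if node == root else first_hop
            if nbr not in best or new_cost < best[nbr][0]:
                best[nbr] = (new_cost, hop)
                heapq.heappush(heap, (new_cost, nbr, hop))
    return best


# Constructed LSDB: {router: {neighbour: link bandwidth in bit/s}}
FAST, SLOW, T1 = 100_000_000, 10_000_000, 1_544_000
LSDB = {
    "R1": {"R2": FAST, "R3": SLOW},
    "R2": {"R1": FAST, "R3": FAST, "R4": T1},
    "R3": {"R1": SLOW, "R2": FAST, "R4": SLOW},
    "R4": {"R2": T1, "R3": SLOW},
}

if __name__ == "__main__":
    for router, (cost, hop) in sorted(spf(LSDB, "R1").items()):
        print(f"{router}: cost {cost}, first hop {hop}")
```
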

7. BGP — Border Gateway Protocol


BGP is the routing protocol of the internet. It exchanges routing information between autonomous
systems (AS). Unlike OSPF which optimises for shortest path, BGP is a path-vector protocol that
selects paths based on policies — AS path length, local preference, MED, and many other attributes.

! iBGP (internal BGP — same AS) and eBGP (external BGP — different AS)
! eBGP example: connect AS 65001 to upstream provider AS 100

Router(config)# router bgp 65001
Router(config-router)# bgp router-id [Link]
Router(config-router)# neighbor [Link] remote-as 100 ! eBGP peer
Router(config-router)# neighbor [Link] description "Upstream ISP"

! Advertise our prefix
Router(config-router)# network [Link] mask [Link]

! BGP route selection (simplified order)
! 1. Highest LOCAL_PREF (prefer our ISP policy)
! 2. Shortest AS_PATH (fewest hops)
! 3. Lowest ORIGIN (IGP < EGP < incomplete)
! 4. Lowest MED (metric advertised by neighbour)
! 5. eBGP over iBGP
! 6. Lowest IGP metric to next-hop
! 7. Oldest eBGP route
! 8. Lowest Router ID

Router# show bgp summary
Router# show bgp ipv4 unicast [Link]/24
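
The simplified eight-step selection order above, expressed as a comparison key. This is an added example, not part of the original report and not a router's actual implementation; the `Path` class, the three candidate paths, the AS numbers and the router IDs are constructed.

```python
from dataclasses import dataclass
import ipaddress

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


@dataclass
class Path:
    name: str
    local_pref: int
    as_path: tuple
    origin: str
    med: int
    ebgp: bool
    igp_metric: int
    age_seconds: int
    router_id: str


def sort_key(p):
    # Follows the page's simplified list. Real routers apply further
    # conditions, e.g. MED is normally compared only between paths
    # received from the same neighbouring AS.
    return (
        -p.local_pref,                           # 1. highest LOCAL_PREF
        len(p.as_path),                          # 2. shortest AS_PATH
        ORIGIN_RANK[p.origin],                   # 3. lowest ORIGIN
        p.med,                                   # 4. lowest MED
        0 if p.ebgp else 1,                      # 5. eBGP over iBGP
        p.igp_metric,                            # 6. lowest IGP metric to next hop
        -p.age_seconds,                          # 7. oldest route
        int(ipaddress.ip_address(p.router_id)),  # 8. lowest router ID
    )


def best_path(paths):
    return min(paths, key=sort_key)


def deciding_step(a, b):
    """1-based step at which two paths first differ, or None if identical."""
    for step, (x, y) in enumerate(zip(sort_key(a), sort_key(b)), start=1):
        if x != y:
            return step
    return None


# Constructed candidates for one prefix.
A = Path("A", 100, (100, 64500), "igp", 0, True, 0, 3600, "192.0.2.1")
B = Path("B", 200, (200, 300, 64500), "igp", 0, True, 0, 60, "192.0.2.2")
C = Path("C", 100, (100, 64500), "igp", 50, True, 0, 7200, "192.0.2.3")
```

Path B wins despite its longer AS_PATH because LOCAL_PREF is evaluated first, which is why a local-preference policy error outweighs every later attribute.
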

8. NAT — Network Address Translation


# Linux NAT with iptables (router/gateway)
# Enable IP forwarding
sysctl -w net.ipv4.ip_forward=1

# Masquerade: translate all outbound traffic from internal network
iptables -t nat -A POSTROUTING -s [Link]/24 -o eth0 -j MASQUERADE

# PAT (DNAT): forward inbound port to internal server
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 192.168.1.10:443
iptables -A FORWARD -p tcp -d [Link] --dport 443 -j ACCEPT

# View NAT table
iptables -t nat -L -n -v

# View established connections
conntrack -L

9. IPv6 Fundamentals
IPv6 uses 128-bit addresses written as 8 groups of 4 hex digits. With 3.4 × 10^38 addresses, NAT is not
needed — every device can have a globally routable address.

| Type | Example | Equivalent to |
| --- | --- | --- |
| Loopback | ::1 | [Link] in IPv4 |
| Link-local | fe80::/10 | Non-routable; auto-configured on every interface |
| Global unicast | 2001:db8::/32 | Public routable addresses |
| Unique local | fc00::/7 | Like RFC 1918 — private, not globally routed |
| Multicast | ff00::/8 | Like [Link]/4 — one-to-many |
| Anycast | Same unicast range | Routes to nearest of multiple servers |

10. Network Troubleshooting Methodology


1. Define the problem: what exactly is broken? From where to where? Since when?
2. Gather information: ping, traceroute, nmap, packet capture (tcpdump/Wireshark)
3. Isolate the layer: physical (cables, LEDs) → data link (MAC, VLAN) → network (IP, route) → transport (TCP/UDP) → application
4. ping the gateway first: if it fails, the issue is local (Layer 1-3 on your segment)
5. traceroute: find where packets stop — the last responding hop is the problem area
6. Check routing tables: ip route show — is there a route to the destination?
7. Check firewall: is a firewall dropping packets? iptables -L -n or ufw status
8. Test DNS separately: ping the IP directly; if that works, the issue is DNS
9. Capture packets: sudo tcpdump -i eth0 host [Link] -n
10. Change one thing at a time and document — never make multiple changes simultaneously
