What is a network switch?

What is a network switch?

A network switch is equipment that allows two or more IT devices, such as computers, to communicate with one another. Connecting multiple IT devices together creates a communications network. Compute, print, server, file storage, Internet access, and other IT resources can be shared across the network.

IT devices communicate by exchanging “packets” of data over the network. Basic switches forward packets from one device to another, while more complicated operations (such as deciding if a packet is allowed to reach its intended destination) are traditionally the domain of other types of network devices.

Switches can take the form of a dedicated appliance or they can be a component of other equipment, such as network routers and wireless access points (APs), that performs operations on data packets. Basic switching technology has been around for decades and is one of the fundamental building blocks of all modern IT networks, including the Internet.


What problems do switches solve?

A network switch connects users, applications, and equipment across a network so that they can communicate with one another and share resources. The simplest network switches offer connectivity exclusively to devices on a single local-area network (LAN). More advanced switches can connect devices from multiple LANs and may even incorporate basic data security functions. 

In the more advanced switches, functions beyond simple LAN interconnection are often a subset of those typically found in other network devices, such as routers and firewalls. Despite these switches’ advanced capabilities, they continue to be referred to as “switches,” because their primary purpose is to connect devices to one another as part of an IT network. 

An important role of an advanced switch is the ability to create “virtual networks.” Virtual networks isolate groups of networked systems from one another based on configurations provided by network administrators. This capability allows large numbers of systems to be connected to a single physical network while securely segmenting certain systems from the rest. Virtual network types include virtual private networks (VPNs), virtual LANs (VLANs), and Ethernet VPN-virtual eXtensible LANs (EVPN-VXLANs), all of which are regularly used in midsized and large networks. EVPN-VXLAN is an increasingly common implementation of network segmentation in modern enterprise networks.

Network switches come in a wide variety of speeds, capabilities, and sizes. They can support anywhere from three devices to thousands of them. Multiple network switches can be connected together to support still more devices. The details of how these switches are connected is referred to as a “network topology.” 

A modern “spine-leaf” topology using high-speed switches with high port density could easily connect tens of thousands of devices into a single physical network. In a spine-leaf data center network, leaf switches aggregate traffic from servers and connect directly to spine switches, which interconnect all leaf switches in a full-mesh topology. These large networks are typically segmented into a large number of virtual networks using EVPN-VXLAN, with leaf switches providing access to (and routing for) different network segments.

This type of network is common in data centers shared by many customers (called “multitenant” data centers), as well as those used by governments and large enterprises.


How does a switch work?

The way a network switch enables inter-device communication is that all connected systems, including the switch itself, follow a standard set of communications protocols. These standards are defined and maintained by international standards organizations, such as the Institute of Electrical and Electronics Engineers (IEEE) and the Internet Engineering Task Force (IETF).

There are three primary ways for devices to connect to a network: radio (such as Wi-Fi), electrical (such as RJ-45 Ethernet), and light-based optics. Each connection method uses a different means of physical network interconnection—RF spectrum, copper cabling, and fiber-optic cabling, respectively—over which IT devices communicate by sending each other a stream of 1s and 0s.

Network standards allow these streams of 1s and 0s to be interpreted into packets. Packets contain a header and a payload. Packet headers contain information such as the source and destination address of the devices that are participating in this communication. Payloads contain the data that the networked devices are actually attempting to exchange. Each device on a network has one or more addresses to which packets can be addressed.

Groups of packets exchanged by two or more addresses are called “data flows.” Data flows are roughly equivalent to individual conversations among networked devices. A switch reads the addresses from the packet headers and then forwards the packets toward their destination.

Switches maintain records, called lookup tables (LUTs). LUTs contain a list of which addresses can be reached using specific switch ports. Some switches, as well as all routers, can be configured with “routes.” Routes are a type of LUT that directs switches to send all packets with certain destinations to an intermediary switch or router. Using routes allows switches to send packets to devices for which the switch doesn’t have address information.

For example, let’s consider how a smartphone might use a home Wi-Fi network to access a web page. The smartphone connects via Wi-Fi to an AP. The AP has a built-in RJ-45/Ethernet switch, which is connected to an Internet router.

Diagram depicting how a smartphone might use Wi-Fi to access a web page

Devices like smartphones access web servers and other remote resources when a series of interconnected switches and routers communicate with one another, hop by hop, from source to destination and back using standard communications protocols and addressing schemes.

A packet of data leaves the smartphone’s radio and is received by the AP. The AP reads the data packet, and determines that it doesn’t know where the destination address in that packet header is located. The switch in the AP has been configured to send all packets with destination addresses it doesn’t know about to the Internet router, so it sends a copy of that data packet through its built-in switch towards the router.

From here, the data packet begins its journey across the Internet. From router to router, and across an unknown number of switches in between, that data packet will eventually arrive at a web server. The web server will respond in kind, sending data packets back along an Internet path toward the original source Internet router, AP-embedded switch, and eventually the smartphone.

This exchange of packets creates a data flow between the smartphone and the web server. Communication is possible because each one of dozens (if not hundreds) of different hardware devices and associated software between the source and destination adhere to standards that have been defined and maintained for decades.


How Juniper implements network switches

Juniper offers a variety of switches with different specs to fit a range of data centers, campus fabrics, and Internet service provider (ISP) networks. Juniper switches feature advanced capabilities and are proven to scale to accommodate the largest networks in the world. Juniper switches, routersfirewalls, and other network devices are at the core of many of the critical networks that underlie the modern Internet.

Juniper switches offer low latency and advanced functionality such as software-defined wide-area networking (SD-WAN) support. They can route packets to both Layer 2 (Ethernet) and Layer 3 (IP) addresses. In a switching context, Layer 2 refers to forwarding data packets to a certain switch port based on what’s known as a media access control (MAC) address, while Layer 3 refers to forwarding data packets based on IP address. Each packet’s destination is calculated using LUTs such as Address Resolution Protocol (ARP) routing tables.

Juniper switches and routers are supported by Mist AI™, which uses a combination of artificial intelligence (AI), machine learning, and data science techniques to optimize operations across multiple network domains. Juniper network switches and other devices can be managed in several ways, depending on your needs, including:

  • Juniper Mist Cloud, which offers a single portal and AI-based insights and automation
  • Juniper Apstra intent-based networking software
  • Python
  • Puppet
  • Ansible
  • Zero-touch provisioning (ZTP)

Juniper networking devices use the Junos OS to offer advanced networking features like:

  • BGP Additional Paths (BGP-AP)
  • Multiprotocol Label Switching (MPLS)
  • Layer 3 VPN
  • VLAN
  • IPv6 Provider Edge (6PE)
  • Cloud optimization

Some Juniper switches are modular, meaning they consist of a chassis and a series of add-in cards. These add-in cards allow for different numbers and speeds of network interface ports and multiple types of WAN connections. They might also contain additional processing cards that offer advanced features. Depending on functionality and number of connectivity ports, Juniper switches might be in form factors as compact as 1 U or as large as 16 U.

High-end Juniper switches can support speeds up to 1080 Gbps and can keep track of up to 1 million MAC address connections. These types of switches are optimal for large data centers, branch locations with advanced networking requirements, and campus deployments.

For large enterprise environments and data centers, it’s common to connect multiple switches together into a network fabric, which is resilient to the loss of any individual switch. Similarly, in these environments, it’s common to use link aggregation to combine multiple physical network connections into a single, highly available logical connection. Juniper recommends deploying switches in an EVPN-VXLAN fabric using Ethernet Switch Identifier-Link Aggregation Groups (ESI-LAGs), which enable peer client devices to form direct logical link interfaces with one another when high-availability connections are required. Juniper switches also support Multichassis LAGs (MC-LAGs) and virtual-chassis configurations for redundancy, although these are no longer recommended.

Network Switches FAQs

What are network switches used for?

A network switch allows two or more IT devices to communicate with one another. In addition to connecting to end devices like PCs and printers, switches may be connected to other switches, routers, and firewalls, all of which can provide connectivity to additional devices. Network switches can also support virtual networks, allowing large networks of interconnected devices to communicate while segmenting certain groups of devices from others for security purposes without requiring separate, costly physical networks.

What’s the difference between a switch and a router?

The practical difference between a switch and a router is what you plug in to each one. Switches are sold for the purpose of connecting many devices, such as servers, PCs, and printers. Routers have increasingly become specialized in routing packets between physical sites, as well as to and from the Internet, at scales ranging from small home networks to the largest data centers in the world.

When you buy a switch, you typically look at the number of ports it supports, the speed of those ports, and what kind of virtual networking the switch enables. Many switches also have basic routing capabilities; routers can route far larger numbers of packets than switches and increasingly support additional capabilities, such as data security.

Traditionally, the difference between a switch and a router was that switches could only forward packets based upon Layer 2 MAC addresses, while a router could route packets based on Layer 3 addresses like IP. In practice, this meant that switches connected a single LAN together, while routers connected multiple LANs, multiple physical locations, and/or offered connectivity to the Internet. This has changed.

In the context of modern networking, the difference between a switch and a router is largely about the primary purpose of the device. Today’s advanced switches support virtual networks and can route packets between different virtual and physical LANs. This means today’s switches can route packets based on both Layer 2 and Layer 3 addresses, just like routers can.

What are the advantages of switch deployments?

Switches allow networks to securely scale in size. Larger switches have the size, security programming, speed, and routing specs to manage up to 1 million MAC addresses. When combined into a network fabric, entire campuses can be connected into a single network, as can large-scale data centers that measure their compute capacity not in the number of servers they contain, but in the number of acres they occupy.

Today’s advanced switches, with support for functionality such as EVPN-VXLAN, enable these large-scale campus and data center networks to function. Combined with routers and firewalls, they can integrate AI, machine learning, and automation capabilities with cloud-based management to make even networks operating at extreme scale easy to manage.

What are the main functions of a network switch?

Switches have three primary tasks. They learn MAC addresses, forward data packets, and protect those packets. Switches learn and store MAC addresses in what’s called the Content Addressable Memory (CAM) table, a type of LUT. Some switches can forward data through Layer 3 network overlays using IP address parameters. Lastly, they keep data packets secure by incorporating VPNs, firewalls, and enhanced encryption embedded in the programming.

How do Juniper’s switches make networking better?

Juniper’s switches make the Internet itself possible. Our switches are deployed not only in the networks of ISPs around the world but also in the world’s largest data centers and in many campus networks, as well. Having to operate in these diverse and demanding environments means that Juniper has the experience to build networking equipment for any need.

Juniper switches are scalable, secure, compatible with non-Juniper equipment, and ready to meet the needs of any network, no matter how large. Juniper network management software takes advantage of AI to enable automation and personalized insights, easing the burden on network administrators.

Gartner Magic Quadrant for Enterprise Wired and Wireless LAN Infrastructure, Tim Zimmerman, Christian Canales, et al., 6 March 2024

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Juniper Networks is recognized as Juniper in the 2024, 2022, and 2021 Magic Quadrant for Enterprise Wired and Wireless LAN Infrastructure reports.