35 Essential Switching Interview Questions and Answers

A network switch is a Layer 2 device that forwards frames based on MAC addresses. Unlike hubs, switches create separate collision domains on each port, reducing contention and optimizing bandwidth.

A hub broadcasts data to all devices—causing collisions—whereas a switch forwards traffic only to the intended destination, improving network security and efficiency.

A CAM table (Content Addressable Memory) stores MAC-to-port mappings, allowing high-speed hardware lookups for frame forwarding.

A collision domain is a segment where multiple devices share the same bandwidth, leading to collisions. Each switch port represents an independent collision domain.

A broadcast domain consists of all devices reached by a broadcast frame. VLANs logically divide broadcast domains for performance and security.

A VLAN (Virtual Local Area Network) logically segments a physical network into independent broadcast domains, improving security, isolation, and traffic control.

It enables communication between VLANs using a Layer 3 switch (SVIs) or router-on-a-stick.

VLAN Trunking Protocol distributes VLAN configurations across switches. While helpful, improper configuration can overwrite VLAN databases network-wide.

• Server – Creates and modifies VLANs.
• Client – Receives VLAN updates from servers.
• Transparent - sends VTP messages but does not participate.

A trunk port carries multiple VLANs across links using tagging standards like 802.1Q.

The VLAN that is transmitted untagged on a trunk. Misconfiguration may result in VLAN hopping or other vulnerabilities.

Spanning Tree Protocol prevents Layer 2 loops by blocking redundant paths, ensuring a loop-free topology.

Based on the bridge ID with the lowest priority (plus MAC). A lower value increases the chance of becoming root.

• Root Port (RP) – The optimal path to the root bridge.
• Designated Port (DP) – Forwards traffic for the segment.
• Blocked Port – Prevents loops

Rapid Spanning Tree Protocol offers sub-second convergence with enhanced port roles and states.

Multiple Spanning Tree Protocol groups VLANs into instances, improving scalability in large deployments.

A mechanism that limits MAC addresses per port to prevent unauthorized access and mitigate attacks.

A security feature that disables a port upon receiving unexpected BPDUs, protecting the STP topology.

It blocks rogue DHCP servers by defining trusted and untrusted ports and inspecting DHCP packets.

DAI compares ARP packets with DHCP bindings to prevent ARP spoofing and MITM attacks.

It limits broadcast, multicast, or unknown unicast traffic to prevent congestion and outages.

A method of aggregating multiple physical links into a single logical bundle, improving performance and redundancy.

• LACP – IEEE 802.3ad standard
• PAgP – Cisco proprietary

Virtual Switching System merges two chassis-based switches into one logical system, enhancing redundancy and reducing management overhead.

A switch capable of routing using ASIC-based fast forwarding, offering higher performance than software-based routers.

Cisco Express Forwarding uses FIB and adjacency tables for fast, deterministic forwarding.

A Switch Virtual Interface is a logical Layer 3 interface used for inter-VLAN routing.

Cisco Discovery Protocol shares device details (interfaces, IPs, platform) with neighbors.

A vendor-neutral discovery protocol similar to CDP.

Quality of Service prioritizes time-sensitive traffic such as voice, video, or critical applications.

Switch Port Analyzer mirrors traffic to another port for analysis or troubleshooting.

It optimizes multicast distribution by forwarding traffic only to ports with active multicast receivers.

Unidirectional Link Detection identifies one-way fiber failures that can cause STP loops.