Understanding the differences between hubs, switches, and routers is foundational for CCNA 200-301 success. These devices operate at different layers of the OSI model, and confusing them is one of the most common traps on the exam. In real networks, choosing the wrong device can break connectivity or kill performance. This chapter covers Exam Objective 1.3: 'Compare and contrast hubs, switches, and routers'—a topic that appears in multiple-choice, drag-and-drop, and simulation questions.
Jump to a section
Imagine a small office mailroom. A hub is like a bulletin board: anyone can pin a message, and everyone else sees it. If Alice pins a note, Bob, Charlie, and Diana all read it, even if it was meant only for Bob. This wastes time and creates noise. A switch is like a personal assistant who knows everyone's desk location. When Alice gives the assistant a letter for Bob, the assistant walks directly to Bob's desk and delivers it. No one else is bothered. The assistant also learns desk locations by watching where people go. A router is like a postal sorting office that connects different cities. If Alice wants to send a package to a different city, the local mailroom (switch) hands it to the postal office (router), which reads the city name and forwards it to the correct destination. The router maintains a map of cities and knows the best route. In networking, hubs forward data to all ports (like a bulletin board), switches forward frames based on MAC addresses (like a personal assistant), and routers forward packets based on IP addresses (like a postal sorting office). This analogy highlights the key difference: hubs operate at Layer 1 (physical), switches at Layer 2 (data link), and routers at Layer 3 (network).
Hubs, switches, and routers are the three primary network connectivity devices you'll encounter in CCNA. They differ fundamentally in which OSI layer they operate and how they handle data.
Hub (Layer 1 – Physical): A hub is a multiport repeater. It receives electrical signals on one port and regenerates them out all other ports. It has no intelligence—it cannot read MAC or IP addresses. All devices connected to a hub share the same collision domain and the same broadcast domain. Hubs are virtually obsolete in modern networks, but CCNA still tests them for comparison.
Switch (Layer 2 – Data Link): A switch forwards Ethernet frames based on the destination MAC address. It learns MAC addresses by examining source MAC addresses of incoming frames and builds a MAC address table. Each port on a switch is its own collision domain, but all ports belong to the same broadcast domain (unless VLANs are configured). Switches are the backbone of modern LANs.
Router (Layer 3 – Network): A router forwards IP packets based on the destination IP address. It maintains a routing table (either statically configured or dynamically learned via routing protocols like OSPF). Routers break broadcast domains—each interface is a separate broadcast domain. They connect different networks and provide the path selection function.
How They Work Step by Step
Hub Operation: 1. A frame arrives on any port as an electrical signal. 2. The hub regenerates the signal and sends it out every other port. 3. All devices on the hub receive the frame. The destination device processes it; others ignore it (based on MAC address) but still consume bandwidth. 4. Collisions can happen if two devices transmit simultaneously. The hub does not detect or prevent collisions—that's left to CSMA/CD.
Switch Operation: 1. A frame arrives on a port. The switch reads the source MAC address and records it in the MAC address table with the port number. 2. The switch reads the destination MAC address and looks it up in the MAC address table. 3. If found, the switch forwards the frame only out the corresponding port (unicast forwarding). 4. If not found, the switch floods the frame out all ports except the incoming port (unknown unicast flooding). 5. The switch uses store-and-forward switching by default (CCNA 200-301 expects this). It checks the frame's CRC before forwarding.
Router Operation: 1. A packet arrives on an interface. The router strips the Layer 2 header and examines the destination IP address. 2. It looks up the destination IP in the routing table using the longest prefix match. 3. If a match is found, the router encapsulates the packet in a new Layer 2 frame (with new source/destination MAC addresses) and forwards it out the appropriate interface. 4. If no match is found, the router drops the packet (unless a default route exists). 5. The router decrements the TTL (Time to Live) by one. If TTL reaches 0, the router drops the packet and sends an ICMP Time Exceeded message.
Key Differences at a Glance
Layer of Operation: Hub = Layer 1, Switch = Layer 2, Router = Layer 3.
Forwarding Decision: Hub = no decision (repeats signal), Switch = based on destination MAC, Router = based on destination IP.
Collision Domains: Hub = one shared domain, Switch = one per port, Router = one per interface.
Broadcast Domains: Hub = one, Switch = one (per VLAN), Router = one per interface.
MAC Address Table: Hub = no, Switch = yes, Router = no (but has ARP cache).
Routing Table: Hub = no, Switch = no, Router = yes.
IOS CLI Verification Commands
For a Switch (show MAC address-table):
Switch# show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0050.7966.6800 DYNAMIC Gi0/1
1 0050.7966.6801 DYNAMIC Gi0/2This output shows the switch has learned two MAC addresses dynamically on VLAN 1.
For a Router (show ip route):
Router# show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, GigabitEthernet0/0
L 10.1.1.1/32 is directly connected, GigabitEthernet0/0This shows directly connected and local routes.
How They Interact with Related Protocols
ARP (Address Resolution Protocol): Switches and routers both use ARP to resolve IP addresses to MAC addresses. A router sends ARP requests when it needs to forward a packet to a next-hop on a directly connected network.
VLANs: Switches can be configured with VLANs to segment broadcast domains. Routers are needed to route between VLANs (router-on-a-stick or Layer 3 switching).
STP (Spanning Tree Protocol): Switches use STP to prevent loops. Hubs do not participate in STP (they simply propagate BPDUs as broadcasts).
Routing Protocols: Routers use OSPF, EIGRP, etc., to exchange routing information. Switches (Layer 2) do not run routing protocols.
Common Exam Traps
- Trap: A switch can route between VLANs without a router. *Reality:* Only a Layer 3 switch (with routing enabled) or an external router can route between VLANs. A standard Layer 2 switch cannot.
- Trap: A hub creates multiple collision domains. *Reality:* A hub creates a single collision domain. Each port on a switch creates a separate collision domain.
- Trap: A router forwards frames based on MAC addresses. *Reality:* Routers forward packets based on IP addresses. They do not forward frames; they strip and rebuild frames.
- Trap: A switch floods all unknown unicast frames. *Reality:* True, but only until it learns the MAC address. Once learned, it forwards only to the correct port.
Summary
Understanding the OSI layer and forwarding logic of hubs, switches, and routers is critical. Hubs are dumb repeaters, switches are intelligent MAC-based forwarders, and routers are intelligent IP-based forwarders with path selection. On the exam, you will be asked to identify which device operates at which layer, how many collision/broadcast domains each creates, and how they handle traffic. Master these distinctions to avoid the common traps.
Identify the OSI Layer
First, determine which OSI layer the device operates at. A hub operates at Layer 1 (Physical). It simply repeats electrical signals. A switch operates at Layer 2 (Data Link). It makes forwarding decisions based on MAC addresses. A router operates at Layer 3 (Network). It makes forwarding decisions based on IP addresses. On the exam, questions may ask 'Which device operates at Layer 2?' or 'Which device uses IP addresses to forward traffic?' Knowing the layer is the first step to answering correctly.
Analyze Collision Domains
Count the number of collision domains each device creates. A hub creates one collision domain for all ports. A switch creates one collision domain per port (each port is a separate collision domain). A router also creates one collision domain per interface. Exam questions often ask: 'How many collision domains does a 24-port hub have?' The answer is 1. For a 24-port switch, it's 24. Remember that hubs do not segment collision domains.
Analyze Broadcast Domains
Count the number of broadcast domains. Hubs and switches (without VLANs) create a single broadcast domain for all ports. Routers create one broadcast domain per interface. VLANs on switches can create multiple broadcast domains, but by default, a switch has one. Exam questions: 'How many broadcast domains does a router with 3 interfaces have?' Answer: 3. 'How many broadcast domains does a 12-port switch have?' Answer: 1 (default).
Determine Forwarding Logic
Understand how each device forwards traffic. Hubs forward everything out all ports except the incoming port. Switches forward frames based on the destination MAC address; they learn MAC addresses dynamically. Routers forward packets based on the destination IP address; they use a routing table. Exam scenario: 'A frame with destination MAC ffff.ffff.ffff arrives at a switch. What does the switch do?' Answer: Floods it out all ports except the incoming port (broadcast).
Apply to Topology Questions
When given a network diagram, identify each device and its role. For example, a PC connects to a switch, which connects to a router. The PC sends a packet to a remote network. The switch forwards the frame to the router based on MAC. The router forwards the packet based on IP. Exam questions may ask: 'Which device will strip the Layer 2 header?' Answer: The router. Or 'Which device will add a new Layer 2 header?' Answer: The router.
Recall Default Settings
Know the default behavior of each device. Switches use store-and-forward switching by default (checks CRC). Hubs have no intelligence. Routers have a default gateway of last resort not set. Switches have all ports in VLAN 1 by default. Exam questions may test default VLAN or default switching mode. For example: 'What is the default switching method on a Cisco switch?' Answer: Store-and-forward.
In enterprise networks, hubs are virtually extinct, but understanding them helps explain legacy issues. Switches are ubiquitous in LANs. For example, in a typical office, each desk has a wall jack connected to a switch in the wiring closet. The switch learns which MAC addresses are on each port, so traffic between two PCs in the same office goes directly between the switch ports without touching other devices. This reduces congestion and improves security. Without switches, all traffic would be broadcast, wasting bandwidth.
Routers connect different networks. In a company with multiple branches, each branch has a router connecting to the WAN. The router at headquarters runs OSPF to exchange routes with branch routers. When a user at a branch accesses a server at HQ, the branch router forwards the packet based on the destination IP, choosing the best path. Routers also provide security via access control lists (ACLs) and network address translation (NAT).
A common misconfiguration is using a switch where a router is needed. For example, connecting two different subnets with a switch alone will not allow communication between them because switches do not route IP packets. The devices could only communicate if they are on the same subnet. Another mistake is using a hub instead of a switch, which results in poor performance due to collisions and limited bandwidth. In production, hubs are rarely seen except in small test labs or for packet capture (since all traffic is visible).
Performance considerations: Switches have backplane speeds that determine how much traffic they can handle. Enterprise switches can have switching capacities of hundreds of Gbps. Routers have forwarding rates measured in packets per second (pps). A router with a slow CPU can become a bottleneck. When misconfigured (e.g., incorrect routing protocol metric), routers may cause suboptimal routing or black holes.
Overall, a network engineer must choose the right device for each segment: switches for LAN connectivity, routers for inter-network connectivity, and hubs only for legacy or specific monitoring scenarios.
This topic is tested under CCNA 200-301 Objective 1.3: 'Compare and contrast hubs, switches, and routers.' Expect multiple-choice questions that ask you to identify the device based on its characteristics, or to determine the number of collision/broadcast domains in a given topology. Drag-and-drop questions may ask you to match devices to their OSI layer or forwarding logic.
Common wrong answers and why candidates choose them:
'A switch operates at Layer 3.' Candidates confuse switches with routers because both forward traffic. But a standard switch is Layer 2. Only a multilayer switch (Layer 3 switch) can route.
'A hub creates multiple collision domains.' Candidates think each port on a hub is separate, but hubs repeat signals to all ports, creating one collision domain.
'A router forwards frames based on MAC addresses.' Candidates remember that routers use MAC addresses for the next hop, but the primary forwarding decision is based on IP.
'A switch floods all unknown unicast frames out all ports.' True, but candidates forget that once the MAC is learned, it unicasts. The exam may ask about behavior when the MAC table is empty.
Specific values and defaults:
Default switching mode on Cisco switches: store-and-forward.
Default VLAN: VLAN 1 (all ports).
Router's default route: not set.
Hub: no default configuration needed.
Calculation traps: None directly, but you may need to calculate the number of collision domains in a mixed topology. For example, a network with a 4-port hub connected to a 4-port switch: the hub creates 1 collision domain, the switch creates 4, but the connection between them adds one more? Actually, each link is a separate collision domain. So total collision domains = hub's 1 + switch's 4 + link = 6? Careful: The hub's ports are all one domain, so the link between hub and switch is part of that hub domain. So total = hub domain (1) + switch ports (4) = 5? But the switch port connected to hub is already counted in switch ports. So total = 1 (hub) + 4 (switch ports) = 5. However, the link between hub and switch is not an additional domain because it's part of the hub's domain. Always consider that each switch port is a separate domain, and all hub ports share one.
Decision rule for scenario questions: If the question asks about forwarding based on MAC, it's a switch. If based on IP, it's a router. If it repeats signals, it's a hub. For collision domains: count switch ports and router interfaces individually; hub counts as one. For broadcast domains: count router interfaces and VLANs; hub and switch count as one each (unless VLANs).
Hub operates at Layer 1 (Physical) – repeats electrical signals to all ports.
Switch operates at Layer 2 (Data Link) – forwards frames based on destination MAC address.
Router operates at Layer 3 (Network) – forwards packets based on destination IP address.
Hub creates 1 collision domain; Switch creates 1 collision domain per port; Router creates 1 collision domain per interface.
Hub and Switch (default) create 1 broadcast domain; Router creates 1 broadcast domain per interface.
Switches learn MAC addresses dynamically and build a MAC address table.
Routers use routing tables (static or dynamic) to make forwarding decisions.
Default switching method on Cisco switches is store-and-forward (checks CRC).
These come up on the exam all the time. Here's how to tell them apart.
Hub
Layer 1 (Physical)
Repeats signals to all ports
1 collision domain
1 broadcast domain
No MAC address table
Half-duplex (CSMA/CD)
Switch
Layer 2 (Data Link)
Forwards frames based on MAC
1 collision domain per port
1 broadcast domain (default)
Maintains MAC address table
Full-duplex (no collisions)
Switch
Layer 2 (Data Link)
Forwards frames based on MAC
No routing table
Does not modify TTL
Connects devices within same network
Uses ARP to resolve IP to MAC
Router
Layer 3 (Network)
Forwards packets based on IP
Has routing table
Decrements TTL
Connects different networks
Uses ARP for next-hop resolution
Mistake
A switch operates at Layer 3 because it forwards traffic between networks.
Correct
A standard switch operates at Layer 2 and forwards frames based on MAC addresses, not IP addresses. Only a Layer 3 switch (or router) can route between networks.
Candidates see switches connecting different subnets via VLANs and assume they route, but VLAN routing requires a router or Layer 3 switch.
Mistake
A hub has multiple collision domains, one per port.
Correct
A hub creates a single collision domain for all ports because it repeats all signals out every port, causing collisions if two devices transmit simultaneously.
Candidates think each port is isolated, but hubs are repeaters, not switches.
Mistake
A router forwards frames based on MAC addresses.
Correct
A router forwards packets based on IP addresses. It does not forward frames; it strips the incoming frame and creates a new frame for the next hop.
Candidates confuse the router's use of MAC addresses for next-hop delivery with the forwarding decision.
Mistake
A switch always floods unknown unicast frames out all ports.
Correct
A switch floods unknown unicast frames only until it learns the MAC address. Once learned, it forwards unicast frames only to the correct port.
Candidates focus on the initial flooding behavior but forget that learning occurs.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
A hub creates a single collision domain for all its ports. If two devices connected to a hub transmit at the same time, a collision occurs. A switch creates a separate collision domain for each port, so devices on different switch ports can transmit simultaneously without collisions. This is because switches use microsegmentation and support full-duplex operation.
A standard Layer 2 switch cannot route between VLANs. To route between VLANs, you need either a router (with subinterfaces in a router-on-a-stick configuration) or a Layer 3 switch that has routing enabled. A Layer 3 switch can perform both switching and routing, but it requires configuration (e.g., 'ip routing' command).
The default switching method on Cisco switches is store-and-forward. In this method, the switch receives the entire frame, checks the CRC (cyclic redundancy check) for errors, and then forwards the frame. If the CRC fails, the frame is dropped. This ensures error-free forwarding but introduces a small delay (latency).
Yes, a router uses MAC addresses, but only for Layer 2 encapsulation. When a router receives a packet, it strips the Layer 2 header. To forward the packet out an interface, it creates a new Layer 2 header with the source MAC of the outgoing interface and the destination MAC of the next-hop device (obtained via ARP). The router's forwarding decision is based on the IP address, not the MAC.
A hub creates a single broadcast domain. All devices connected to a hub receive all broadcast frames. Hubs do not segment broadcast domains; they are Layer 1 devices. To segment broadcast domains, you need a router or VLANs on a switch.
A router's routing table contains entries that tell the router which interface to use to reach a particular destination network. Each entry includes a network address, subnet mask, next-hop IP address, and metric. The router uses the longest prefix match to select the best route. If no match is found, the packet is dropped (unless a default route exists).
Hubs are obsolete because they offer poor performance and security. All devices share the same bandwidth and collision domain, leading to collisions and reduced throughput. Hubs also broadcast all traffic, making it easy to eavesdrop. Switches provide dedicated bandwidth per port, full-duplex communication, and better security by isolating traffic.
You've just covered Hub vs Switch vs Router: Layer Differences — now see how well it sticks with free CCNA 200-301 practice questions. Full explanations included, no account needed.
Done with this chapter?