Once a device is connected to a switch, the switch identifies its media access control (MAC) address, a code that’s baked into the device’s network-interface card (NIC). The NIC attaches to the Ethernet cable that attaches to the switch.
The switch uses the MAC address to identify which attached device is sending outgoing packets, and where to deliver incoming packets.
The MAC address identifies the physical device and doesn’t change, as opposed to the network layer (Layer 3) IP address, which can be assigned dynamically to a device and change over time.
When one device sends a data packet to another device, the packet enters the switch and the switch reads the header to determine what to do with it. The switch matches the destination address or addresses and sends the packet out through the appropriate ports that lead to the destination devices.
To reduce the chance for collisions between network traffic going to and from a switch and a connected device at the same time, most switches offer full-duplex functionality in which packets coming from and going to a device have access to the full bandwidth of the switch connection. (Picture two people talking on smartphones as opposed to a walkie-talkie).
While it’s true that switches operate at Layer 2, they can also operate at Layer 3, which is necessary for them to support virtual LANs (VLAN), which are logical network segments that can span subnets. In order for traffic to get from one subnet to another it must pass between switches, and this is facilitated by routing capabilities built into the switches.