What does a switch do? What does a router do? How do packets get from here to the Internet and back? For (some of) the answers, read on...
[ I need to start with an aside about ARP. If a machine wants to send a packet on the local network to a given IP address, it needs to find out the MAC address of the destination so that it can address the packet correctly at the ethernet layer, which is below the IP layer. This is done using a protocol called ARP. All you need to know is that:
End of aside. ]
A switch1 is basically a device that joins together all of its ports into a single physical network. In this respect, it's like a hub. The only difference between a switch and a hub is that a switch keeps a record of which MAC addresses it has seen packets from on each of its ports, and a hub doesn't. This allows the switch to redirect packets for a given ethernet device to the right port, thus saving bandwidth on the other ports. A hub simply broadcasts everything everywhere.
Thus, the switch knows nothing at all about IP addresses – it works at the layer underneath that, and handles things at the ethernet layer.
Now, to anticipate your next question: Packets for the outside world get sent to the router because each machine on the network knows that the router is special. This is the "default gateway" setting in the network options on every machine. If you are using DHCP, then the default gateway is set as part of the DHCP negotiation.
What happens is that every device2 that has an IP address and uses Internet Protocol must maintain at minimum three pieces of information:
The IP address is used for (a) putting on outgoing packets as the source address, so that returned packets can be sent to the right place, and (b) identifying packets that are intended for the device.3
The netmask is used to define the range of addresses which are considered "local". Addresses which match the local network are sent directly to the destination machine.
Finally, the default gateway (which is a router device) is the destination for everything else.
All of this is embodied in the routing table. On a Linux box, you can see the routing table thus:
hrm@vlad:~ $ sudo route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 br0
What this says is that 10.0.0.0/24 (or 10.0.0.0/255.255.255.0) is the local network, and that packets for that network should be sent out on the br0 interface. Then packets for anywhere else (0.0.0.0/0) are to be sent through the default gateway (G in the Flags column) of 10.0.0.1, which is the router.
So… if vlad, the machine above, wants to send a packet to, say, 10.0.0.50, it will simply put it out on the local network, with a destination of 10.0.0.50, and the MAC address of the destination machine. The switch will look at the MAC address only, and send it out on the correct port to get to where it's going.
If vlad wants to send a packet to, say, 188.8.131.52 on the internet, it will construct a packet with that IP address as a destination and then send it to the MAC address for 10.0.0.1. Again, the switch looks at the MAC address only, and sends it to the gateway, which then processes the packet, looks at the IP address of the destination, and makes its own decision about where to send it next (using a slightly larger and more complex routing table, because it's a router).
1. I'm talking about unmanaged switches here – the sort that you're likely to have at home. Managed switches – the kind that get used in big institutional networks – are much more complicated things.
2. "Device" here is really an interface, which is rather more complicated than "machine", in that a machine could have several network cards, and each network card could have several interfaces. But don't worry about that for now.
3. Of course, in a typical fully-switched environment, this is redundant.