With the intuition that every device on the data path contributes to the end-to-end delay, we propose a simple and deterministic measurement-based approach for detecting the insertion of a layer-2 switch on the data path of a network operator. 
For this purpose, we use commodity hardware and the standard ping tool for collecting ICMP RTTs. 
To minimise inaccuracies in the measurements, we increase timing determinism on both ICMP source and target by using a real-time kernel on both, a dedicated source (a Linux server) and target (an RPI4 with custom image). Additionally, we manipulate real-time attributes for prioritising the ping process. By using this approach on different loaded networks: lab, campus network,  research and education network and an ISP, we are able to reliably detect that a switch was added at the end of the path or within it.
Our method yields an excellent performance on  networks with considerable cross traffic as well as lightly loaded networks.