Unicast Flooding due to Asymmetric Routing

Hello Andrew

Let me walk through it myself as well, I think it will be easier to explain:

  1. H1 pings H2
  2. Because H2 is in a different subnet, H1 sends the packet to the default gateway, that is, SVI VLAN 10 on SW1.
  3. SW1 decapsulates the frame and looks at the IP header. Destination IP address is that of H1. If it has the ARP entry, then it knows the destination MAC address to place in the frame header, and it does so.
  4. If it has no entry for the destination MAC in the MAC table, then it will be flooded out of all ports on VLAN 20 and all trunks that include VLAN 20 (so H3 does indeed receive it too).
  5. SW2 will receive the packet. If the MAC address of H2 is in the MAC address table, then it will be forwarded only out of Fa0/2. Otherwise it will be flooded to all VLAN 20 ports.
  6. H2 receives the ping, and responds to the IP address of H1. It sends the response to the SVI VLAN 20 of SW2.
  7. It decapsulates the frame, checks the destination IP, and uses the ARP cache to find the destination MAC, and populates the frame header with destination MAC.
  8. If it doesn’t have an entry in the MAC address table for this destination MAC, it will be sent out all of the VLAN 10 access interfaces and trunks that include VLAN 10, reaching SW1.
  9. If the destination MAC is in the MAC table, the frame is forwarded out of Fa0/1 to go to H1. If it is not in the MAC table, it is flooded out of all VLAN 10 access ports and trunk ports that include VLAN 10.

Sorry for restating this, but it helps in verification. Your understanding is indeed correct. SW1 will never learn H2’s MAC address because all traffic between H1 and H2 is routed at SW2, so H1’s MAC address never reaches SW1 for it to be recorded.

I hope this has been helpful!

Laz

Hi Laz,

Thank you very much for your quick and detailed response - This is very much appreciated!

You have cleared this up for me 🙂

Many Thanks,

Andrew

1 Like

Hi Guys, I understand that the destination MAC for broadcast traffic is ffff.ffff.ffff but what is the destination MAC address used for unknown unicast frames? Thanks - Gareth.

Ok - there isn’t a specific unknown unicast MAC address (I think), the MAC address for the desired destination host is used and flooded via every port apart from the ingress.

Hello Gareth

Yes, that’s it. When we say “unknown” MAC address, we mean a MAC address that is not found within the MAC address table of the switch. And in the case described in the lesson, the switch will never learn this MAC address, so all such traffic will be flooded.

Remember that a switch populates its MAC address table by taking the source MAC address of a frame and associating it with the port on which it came in. This information is placed in the MAC address table. In the scenario described in the lesson, the MAC address of H2 will never be learned by SW1 because all incoming traffic from this device is routed on SW2, so the only MAC address SW1 will see is that of the SVI on SW2.

So the MAC address of H2 will remain unknown forever, and will cause flooding on SW1.

I hope this has been helpful!

Laz

1 Like

Hi Rene,

I am a bit confused. When you say that SW1 has an ARP entry for H2, I believe it knows the MAC address of H2.

SW1#show ip arp 192.168.20.2
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.20.2          101   0017.5aed.7af1  ARPA   Vlan20

SW1#show mac address-table address 0017.5aed.7af1
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

Is it because it does not know how to reach the MAC of H2 that it floods the packet towards all VLAN 20 ports except the port from where it received the packet?

Please help clear the confusion.

Hello Justin

It is important here to clearly understand the purpose (and the difference) between the MAC address table and the ARP table within a Layer 3 switch.

The MAC address table will provide a correspondence between MAC addresses and switch ports for the purpose of forwarding transient traffic within the same network segment.

The ARP table will provide a correspondence between IP address and MAC address for the purpose of forwarding transient traffic from one subnet to another. Specifically, to determine the MAC address of the next hop.

So if you have traffic coming from a host in VLAN 20 destined for a host in VLAN 20 (same subnet) then the only thing that will be used is the MAC address table and not the ARP table. In this case, the specific MAC will be looked up to see out of which VLAN 20 port it should forward the frame. If the destination is not in the MAC address table it is forwarded out of all ports even if the MAC exists in the ARP table.

The ARP table will only be referenced when a Layer 3 interface (the SVIs in this case) wants to forward a packet to the next hop IP and the next hop MAC is not known (not in the ARP table). Then an ARP request will be sent.

I hope this has been helpful!

Laz

1 Like

Hello Justin

It seems that you have responded to me personally, so I will share your post and respond to it here.

Hi Laz,

Thanks for your reply.

So in this case traffic is between different VLANs (VLAN 10 to VLAN 20).

Correct me if I am wrong.

When the packet sent by H1 is received on SW1, it will first see that the destination IP is in a different VLAN. So it will perform routing.

Further checking, it will find VLAN 20 is directly connected, so at this stage it will check the ARP table first to find the MAC address of the destination.

Then it will search for the MAC address of H2 in the MAC address table, but not finding it, it will send the unicast message with the MAC of H2 on all VLAN 20 interfaces. Is this right?

Thanks,
Justin George

Yes this is absolutely correct. And the reason it won’t find H2’s MAC address in its ARP table is because SW1 will never receive a frame with a source MAC address of H2.

Remember that the ARP table is populated by using the source MAC addresses read on frames coming into particular ports. Because SW1 will never see an incoming frame with the source MAC of H2 (because SW2 takes care of those frames), it will never know out of which port to send a frame destined for H2.

I hope this has been helpful!

Laz

1 Like

Hi Laz,

Thanks for your quick response and clearing the topic for me.

Really appreciated. 🙂

Justin

1 Like

Hi Laz,

“Yes this is absolutely correct. And the reason it won’t find H2’s MAC address in its ARP table is because SW1 will never receive a frame with a source MAC address of H2”

But the switch should have an entry, right, that H2 is on the other side of the trunk and that it can be reached on the trunk port on SW2?

Regards
shaan

Hi Moderators,

I am having difficulty with the whole concept of asymmetric routing, or to be precise, unknown unicast flooding. I would kindly request that you explain what happens when all the devices are turned on for the first time and H1 wants to communicate with H2. I have been behind this for 2 days.

thank you in advance to all of you

Regards
shaan

Hello Shaan

The only way SW1 will learn of H2’s MAC address is if a frame comes from H2 and enters the Fa0/24 interface of SW1 with a VLAN tag of VLAN 20. But this never happens. Because when H2 sends a frame, it is routed at the SVI VLAN20 of SW2, and sent on VLAN 10 to the trunk port of SW1 with a source MAC of the SVI on SW2.

I hope this has been helpful!

Laz

2 Likes

Hello Shaan

Take a look at the diagram from the lesson:


Remember the following:

  1. The default gateway of H1 is the SVI for VLAN10 in SW1
  2. The default gateway of H2 is the SVI for VLAN20 on SW2
  3. H1 and H2 are on different subnets
  4. Communication between H1 and H2 requires the use of a default router

When H1 sends a packet to H2, it hits the SVI of VLAN 10 on SW1 and is routed to VLAN 20, and is sent over the trunk to SW2 on VLAN20. When SW2 receives this frame, it has a source MAC of the SVI VLAN20 of SW1. Therefore SW2 knows nothing of H1’s MAC address and never will since all traffic sourced from H1 to H2 will be routed at SW1.

Similarly, when H2 sends a packet to H1, it hits the SVI of VLAN 20 on SW2 and is routed to VLAN 10 and is sent over the trunk to SW1 on VLAN 10. When SW1 receives the frame, it has a source MAC of the SVI VLAN 10 of SW2. Therefore SW1 knows nothing of H2’s MAC address and never will since all traffic sourced from H2 to H1 will be routed at SW2.

So SW1 will never learn H2’s MAC address, so any frame with H2’s MAC as the destination MAC that arrives at SW1 will always be flooded, because there is no MAC address table entry for that MAC.

I hope this has been helpful!

Laz

2 Likes

Thanks Laz for the explanation. I understood the working when the MAC address table is flushed out and unicast flooding starts. But it is mentioned that unknown unicast flooding starts when SW1's MAC address table is flushed out after the aging time is reached; until then there will be no issues of unicast flooding. So I just wanted to know what the MAC address table for SW1 will look like when everything is working fine, and how SW1 learns H2's MAC address for the first time when H1 is powered on.

Regards
shaan

1 Like

Hello Mohammed

Ah yes, understood. Until now I was describing the situation after unicast flooding began, but there is a period in time, as you correctly state, where everything is working correctly.

As soon as all devices are turned on, the ARP tables and MAC address tables are empty. H1 sends a ping to H2, and this is what happens:

  1. The packet is received by SW1 and is routed to VLAN 20. At this point VLAN 20 knows the destination IP address, but not the destination MAC.
  2. ARP is used to learn of the destination MAC address, and this is flooded on VLAN 20. The ARP request is a broadcast, so it reaches all of VLAN 20 on both switches.
  3. H2 will respond with an ARP reply, and will send it to the VLAN 20 SVI on SW1. SW1 will update its ARP table.
  4. This ARP response has the source MAC address of H2, so it will also be used to populate SW1’s MAC address table with H2’s MAC address. So now SW1 has both an ARP and a MAC address table entry.
  5. Another way in which H2’s MAC address is recorded on SW1’s MAC address table is when H2 performs an ARP request of its own for its default gateway. This too would reach SW1 and would populate the MAC address table.

This is how the correct MAC table and ARP table entries are obtained.

Now the ARP table caches its entries for four hours while the MAC address table for 5 minutes. If H2 remains idle for more than 5 minutes, SW1 will lose its MAC address table entry for H2. Any subsequent traffic that occurs will have an ARP table entry, but no MAC address table entry for H2 in SW1, and unicast flooding occurs. If H2 remains idle for more than four hours, then the ARP table is also purged, and correct ARP and MAC address table entries can once again be obtained.

I hope this has been helpful!

Laz

2 Likes
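The timer mismatch described in the post above can be stepped through with a small model of SW1. This is an added example, not part of the original thread or the lesson: the `SW1` class, the `simulate` helper and the SW2 SVI MAC are constructed for illustration, while H2's IP and MAC are taken from the show output earlier in the thread. It assumes a fixed four-hour ARP lifetime counted from when the entry was learned and one packet from H1 to H2 every 60 seconds.

```python
from collections import Counter

MAC_AGING = 5 * 60         # MAC address table aging, per the post above
ARP_TIMEOUT = 4 * 3600     # ARP cache lifetime, per the post above
H2_IP, H2_MAC = "192.168.20.2", "0017.5aed.7af1"  # from the show output in the thread
SW2_SVI_MAC = "0000.5e00.5320"  # constructed value for SW2's SVI MAC
TRUNK = "Fa0/24"

class SW1:
    def __init__(self):
        self.mac = {}  # (vlan, mac) -> (port, time last seen as a source)
        self.arp = {}  # ip -> (mac, time learned)

    def learn(self, vlan, src_mac, port, now):
        # Layer 2 learning only ever uses the SOURCE MAC of a received frame.
        self.mac[(vlan, src_mac)] = (port, now)

    def route_to_h2(self, now):
        """SVI VLAN 10 routed the packet into VLAN 20; choose the egress."""
        arp = self.arp.get(H2_IP)
        if arp is None or now - arp[1] >= ARP_TIMEOUT:
            # Broadcast ARP request; H2's reply comes back over the trunk in
            # VLAN 20 with H2 as source, so both tables are (re)populated.
            self.arp[H2_IP] = (H2_MAC, now)
            self.learn(20, H2_MAC, TRUNK, now)
            return "arp"
        hit = self.mac.get((20, arp[0]))
        if hit is None or now - hit[1] >= MAC_AGING:
            return "flood"      # unknown unicast: out every VLAN 20 port
        return "forward"        # known unicast: out hit[0] only

    def reply_from_h2(self, now):
        # H2's reply was routed at SW2, so it arrives in VLAN 10 carrying
        # SW2's SVI as source MAC. H2's VLAN 20 entry is not refreshed.
        self.learn(10, SW2_SVI_MAC, TRUNK, now)

def simulate(duration, interval=60):
    """H1 sends one packet to H2 every `interval` seconds."""
    sw1, actions = SW1(), []
    for now in range(0, duration, interval):
        actions.append(sw1.route_to_h2(now))
        sw1.reply_from_h2(now)
    return actions

if __name__ == "__main__":
    print(Counter(simulate(5 * 3600)))
```

Over five simulated hours only the packets sent within five minutes of each ARP exchange are forwarded out of a single port; every other packet is flooded on VLAN 20, because the return traffic never carries H2's MAC as a source.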

Hi Laz,

“Another way in which H2’s MAC address is recorded on SW1’s MAC address table is when H2 performs an ARP request of its own for its default gateway. This too would reach SW1 and would populate the MAC address table.” So on SW1’s MAC address table the entry will be like Port 24 to reach H2 on Vlan 100?

Regards
shaan

Hello Shaan

The MAC address table entry for H2’s MAC address on SW1 will be on Fe0/24, but it will be associated with VLAN 20. In the previous post I mentioned that there are two ways that SW1 can obtain the MAC Address Table entry of H2’s MAC (numbers 4 and 5 in the list). In both cases, SW1 will learn of H2’s MAC on its Fe0/24 port, and will associate them with VLAN 20.

I hope this has been helpful!

Laz

1 Like