Skip to main content

Doubt regarding Switching Principle

More
15 years 4 months ago #31080 by gvkalra
Hi. I am new to networking and preparing for my CCNA (self study CBT tutorials).

I have one doubt after going through the Switching concept.

Scenario:
Hosts A,B,C,D are connected to the same switch.

#show mac-address-table dynamic
VLAN MAC ADDRESS PORT TYPE
1 AA:AA:AA:AA:AA:AA fa 0/1 dynamic
1 BB:BB:BB:BB:BB:BB fa 0/2 dynamic
1 CC:CC:CC:CC:CC:CC fa 0/3 dynamic
1 DD:DD:DD:DD:DD:DD fa 0/4 dynamic

Now if the Host A (AA:AA:AA:AA:AA:AA) sends out a frame destined for EE:EE:EE:EE:EE:EE the switch will flood the network and will get no response about the presence of EE:EE:EE:EE:EE:EE.

How will the Switch handle this? Will it drop the packet? or try again? For how long will it wait for the reply from EE:EE:EE:EE:EE:EE?
More
15 years 4 months ago #31081 by Perlhack
You say the switch will flood the frame out all the switchports (except the one it was received) and I agree with that ... so the switch does not drop the frame. The switch does not wait for a reply, its a switch with the purpose of pumping frames through the network by default. Of course there are features to drop frames, ect..

The host will wait for a reply as the case with ARP. Once the host has the layer3 to layer 2 mapping it will send the packet. During the ARP process the switch learns the MAC addresses by looking at the source MAC, and what interface the frame ingressed the switch then populates its MAC table.

The issue you stated is what some folks take advantage of, blast unknown and never to be resolved MAC addresses onto the ethernet network. The switch will flood these packets. See the problem?
More
15 years 4 months ago #31085 by TheBishop
Good answer.
So basically any frame received on any port for a MAC address the switch does not have in its forwarding table will be flooded - whether the switch has seen the MAC before or not doesn't matter. But once that MAC address has appeared in the source-mac-address of a frame then the switch knows which port it can be reached on an places an entry into its forwarding table to record this. After that, the switch forwards the frame on that port only
More
15 years 4 months ago #31087 by gvkalra

Good answer.
So basically any frame received on any port for a MAC address the switch does not have in its forwarding table will be flooded - whether the switch has seen the MAC before or not doesn't matter.
But once that MAC address has appeared in the source-mac-address of a frame then the switch knows which port it can be reached on an places an entry into its forwarding table to record this. After that, the switch forwards the frame on that port only

Yeah I agree with that, but there seems some draw back in this technique.

Suppose that there is some evil host in the network which is sending out frames to a destination which doesn't exist in the network.
Since the destination never exists in the network, the switch will not have it's entry in its MAC address table.
So basically what the evil host is achieving is that it can flood the whole network by simply sending a packet destined for a host which doesn't exist.
That could consume a lot of bandwidth.... What would be it's solution?
More
15 years 4 months ago #31088 by gvkalra

You say the switch will flood the frame out all the switchports (except the one it was received) and I agree with that ... so the switch does not drop the frame. The switch does not wait for a reply, its a switch with the purpose of pumping frames through the network by default. Of course there are features to drop frames, ect..

The host will wait for a reply as the case with ARP. Once the host has the layer3 to layer 2 mapping it will send the packet. During the ARP process the switch learns the MAC addresses by looking at the source MAC, and what interface the frame ingressed the switch then populates its MAC table.

The issue you stated is what some folks take advantage of, blast unknown and never to be resolved MAC addresses onto the ethernet network. The switch will flood these packets. See the problem?


Yeah I understood the problem. But how do I resolve it? There must be some way out to drop such wild frames
  • gagamboy
  • Visitor
  • Visitor
15 years 4 months ago #31091 by gagamboy
Replied by gagamboy on topic Re: Doubt regarding Switching Principle
This seems a very good topic but I also do not know the answer. :)

Hello experts,

Any inputs there? Thanks.
Time to create page: 0.142 seconds