VLAN & unknown unicast

Answered Question
Oct 1st, 2007

Which ports does a switch forward an unknown unicast or multicast frame to when there are several VLANs spanned over several switches?


Let's say a switch received an unknown unicast frame on a port that is part of VLAN 20. This switch has several VLANs, some other switches connected on trunks, and also a router. So will this switch forward the frame on all VLAN 20 ports on this switch and on the trunk ports as well?


Thanks for your help.

paul.matthews Mon, 10/01/2007 - 23:58

Broadcast, multicast (when not constrained by IGMP Snooping or CGMP) and unknown unicast will be forwarded out of all ports within the VLAN, including trunk ports, so that the packet can reach all ports present in the VLAN on all switches.

Correct Answer
Kevin Dorrell Tue, 10/02/2007 - 00:02

Yes, for an unknown unicast, the switch will forward the frame to all ports on the VLAN, including any trunks, unless the port is in Spanning Tree blocking state, or unless the trunk does not have the VLAN on its "allowed" list.


For an unknown multicast, the situation is slightly different. If it is an IP multicast (but not in the range 224.0.0.x), and you have IGMP snooping or CGMP enabled on the switch, then the frame is only forwarded to those hosts that have actually expressed an interest in that multicast by sending an IGMP report for that address.


Kevin Dorrell

Luxembourg


swmorris Mon, 10/08/2007 - 15:03

You can use the 'switchport block unicast' command on individual ports you do NOT want this flooding to occur on.


:)


Scott

smorris@ipexpert.com


orenjohnson Tue, 10/09/2007 - 18:53

If I can put it in layman's terms (experts, correct me if I am wrong). Since a vlan defines a broadcast domain, the unknown unicast would be flooded out all ports on the vlan with the exception of the port it was received on. Right or wrong?

swmorris Tue, 10/09/2007 - 20:28

Correct.


But remember that we're dealing in Layer 2 terms here, so it has to do with the switch's knowledge (or not) of where the destination MAC address goes to!


But yes, flooded to all "available" ports other than the one it came in on. Some ports may have "switchport block unicast" on them which would make them unavailable.


HTH,


Scott

smorris@ipexpert.com

rajibchicago Tue, 10/09/2007 - 21:31

Yes, it would flood out all ports on the VLAN with the exception of the port it was received on, but it would also forward the traffic on trunking ports if the particular VLAN is allowed on the trunk.

cblake Tue, 10/30/2007 - 11:32

Do you have any recommendations on how to prevent unwanted unicast flooding? I am experiencing that issue on my network today. I have made some modifications to the MAC address aging time (made it equal to the ARP aging time); however, I am trying to figure out the root cause of the floods.



swmorris Tue, 10/30/2007 - 12:05

On any ports that you don't want to receive unknown unicasts use the "switchport block unicast" command.


Don't use this on trunk ports or you can mess things up! :)


HTH,


Scott

smorris@ipexpert.com

Kevin Dorrell Thu, 11/01/2007 - 02:59

Yes, if your VLAN is pruning eligible, and if it is pruned from a trunk, then that trunk will not pass any flooded traffic for that VLAN. That includes broadcasts, multicasts (if no IGMP snooping), and flooded unicasts.


Kevin Dorrell

Luxembourg


swmorris Thu, 11/01/2007 - 07:44

VTP Pruning is a trunk feature. It will allow switches to prune back VLANs that have absolutely no access ports inside them.


Basically this decreases the amount of bandwidth on your trunk such that unknown unicasts or broadcast/multicast traffic aren't carried to every single switch for a vlan that only exists on one or two switches.


HTH,


Scott
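
The flooding rules given across this thread, collected into a small Python model. This is an added example, not code from any poster; the `Port` class, the `unicast_egress` function, and the port names, VLANs and MAC addresses are constructed for illustration. It lists which ports would see an unknown unicast frame, which is the set to review when deciding where `switchport block unicast` or a tighter trunk "allowed" list belongs.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    name: str
    mode: str = "access"                             # "access" or "trunk"
    access_vlan: int = 1                             # used by access ports
    allowed_vlans: set = field(default_factory=set)  # trunk "allowed" list
    pruned_vlans: set = field(default_factory=set)   # VLANs pruned from this trunk
    stp_blocking: set = field(default_factory=set)   # VLANs where STP blocks this port
    block_unicast: bool = False                      # "switchport block unicast"

    def carries(self, vlan):
        if self.mode == "trunk":
            return vlan in self.allowed_vlans and vlan not in self.pruned_vlans
        return vlan == self.access_vlan

def unicast_egress(ports, mac_table, ingress, vlan, dst_mac):
    """Sorted names of the ports a unicast frame leaves on."""
    known = mac_table.get((vlan, dst_mac))
    if known is not None:
        # Known destination: one port, never back out of the ingress port.
        return [] if known == ingress else [known]
    # Unknown destination: flood within the VLAN, minus the exceptions.
    return sorted(
        p.name for p in ports
        if p.name != ingress
        and p.carries(vlan)
        and vlan not in p.stp_blocking
        and not p.block_unicast
    )

# Constructed sample switch (port names, VLANs and MACs are made up).
PORTS = [
    Port("Fa0/1", access_vlan=20),
    Port("Fa0/2", access_vlan=20),
    Port("Fa0/3", access_vlan=20, block_unicast=True),
    Port("Fa0/4", access_vlan=30),
    Port("Gi0/1", mode="trunk", allowed_vlans={10, 20, 30}),
    Port("Gi0/2", mode="trunk", allowed_vlans={10, 30}),
    Port("Gi0/3", mode="trunk", allowed_vlans={20, 30}, stp_blocking={20}),
    Port("Gi0/4", mode="trunk", allowed_vlans={20, 30}, pruned_vlans={20}),
]
MAC_TABLE = {(20, "00:00:5e:00:53:02"): "Fa0/2"}  # (VLAN, MAC) -> learned port

if __name__ == "__main__":
    print(unicast_egress(PORTS, MAC_TABLE, "Fa0/1", 20, "00:00:5e:00:53:99"))
```

The model covers unicast only; broadcast and multicast are not affected by `block_unicast` and are not handled here.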
