01-09-2009 03:13 PM - edited 03-06-2019 03:21 AM
Is there any real case when a switch after it receives a unicast frame on one of its ports would flood the frame on all its ports except the port it received the frame on?
I see this being possible only if the destination MAC address was already flushed by the switch from its MAC table when the unicast frame arrived, whereas that destination MAC address is still valid in the host's ARP table (not needing os to send a broadcast ARP for learing that MAC address), but I don't know if this could happen in real cases.
What is the default timer for flusing an entry from the MAC table of a switch ?
Solved! Go to Solution.
01-09-2009 03:37 PM
Petru
Apologies. Yes if an end device has the mac-address of the destination device but the switch does not then it would flood the frame out all ports (except the one it received on).
It could also occur when the mac-address table is full and the switch can no longer store any entries. Have a look at this link which covers unicast flooding within a switched network -
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.shtml
Jon
01-09-2009 03:17 PM
The most common case is when the switch does not know which port the unicast packet is destined for so it needs to flood the packet out of all ports.
This quite a common occurence and you often find posts in these forums saying "i am running a sniffer on my desktop and am seeing unicast packets that are not addressed to my pc."
Jon
01-09-2009 03:17 PM
What is the default timer for flusing an entry from the MAC table of a switch ?
i think its 300 seconds.
01-09-2009 03:29 PM
To Jon:
Yes, I know the reason why a switch floos a frame, it is when it does not have the entry with destination MAC in its MAC table.
The question is when we could have such cases?
And I was wondering whether this is possible only when the host's ARP table expires later then the switch flushed its MAC table. Otherwise the host will always start with broadcast ARP, then the switch will learn the destination MAC and next when the host will send the actual unicast frame the switch will be able to forward/filter it to only the right port.
So, is this the only case possible?
And those 300secs seems higher than the ARP table validity timer in the host, which then puzzles me even more.
01-09-2009 03:37 PM
Petru
Apologies. Yes if an end device has the mac-address of the destination device but the switch does not then it would flood the frame out all ports (except the one it received on).
It could also occur when the mac-address table is full and the switch can no longer store any entries. Have a look at this link which covers unicast flooding within a switched network -
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.shtml
Jon
01-09-2009 04:00 PM
Thanks for the link.
A last point: do you confirm that the default timer is 300 seconds?
PS:I have a lot to learn, just started to prepare for CCNA, hope in 6 months to be at full speed :-)
I'll surely come with lots of questions, as I don't take anything I'm reading as granted, must have a complete technical explanation in order to accept it.
01-09-2009 04:03 PM
Petru
"as I don't take anything I'm reading as granted, must have a complete technical explanation in order to accept it."
That is the best way to be. If you have this approach you will be a very good network person.
Feel free to ask as many questions as you need.
Jon
01-09-2009 05:15 PM
good luck on the ccna. my ccie lab is tuesday ahh the madness of it
01-09-2009 05:17 PM
Hi Michael,
Good luck! Hope you do your best. Which one is it? R&S?
Lejoe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: