Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
24771
Views
32
Helpful
8
Replies

ARP Table on Layer2 Switch

Go to solution
cisco
Level 1
Level 1

‎01-18-2010 12:34 AM - edited ‎03-06-2019 09:19 AM

Hi ,

        Does a layer2 switch forms a ARP table ?

regards

Neo    

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎01-18-2010 07:12 AM

Hello Neo,

first of all, we need to distinguish between CAM table and ARP table they are two different concepts

a L2 switch uses the CAM table to forward frames within the same broadcast domain, typically from an host to its default gateway of between two hosts in the same subnet.

In this a L2 switch acts as a transparent bridge that learns MAC addresses by listening to frames received on its ports.

And also means the L2 switch cannot change a frame (transparent) it just decides if the frame has to be forwarded or discarded.

The CAM table uses vlan number, port, MAC address to organize information

A L2 switch has also an ARP table that is used by the switch management TCP/IP stack in order to be managed by remote: to support SNMP, telnet, SSH, ICMP and so on.

An ARP table is a list of associations IP address / MAC address, multiple IP addresses can be associated to the same MAC address

Jon and Ganeshh have explained the scenario that you have proposed.

I've just written two notes about terminology.

As Jon has noted only the router can perform packet rewrite that means changing the ethernet frame header (MAC SA, MAC DA) and also IP packet header (reduce TTL and recalculate checksum).

A transparent bridge = L2 switch can only decide between forwarding or not forwarding a frame ( L2 PDU)

A frame is not forwarded if according to switch CAM table frame destination MAC address is on the same port where the frame has been received.

Hope to help

Giuseppe

View solution in original post

8 Replies 8

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni

‎01-18-2010 12:45 AM

Hi Neo,

Yes Layer 2 switches forms cam table Actually a  switch is a multi port bridge, it takes an incoming packet, and looks at the destination MAC address  It decides what port to send the traffic to by looking at its CAM table (MAC to port # mapping) A switch does NOT do ARP to route ethernet frames A layer 2 switch does not even know what TCP/IP or ARP are. If it did, how would it route non IP traffic? Ethernet and TCP/IP were not designed with switches in mind, switches are supposed to be transparent. This means they do switching with no protocol support.

ARP is the address resolution protocol for IP Before you can send an IP packet, you need to build a frame with a destination ethernet address. If you don't know what the destination MAC address is, you use ARP to get it You broadcast a packet at layer 2 asking who has a certain IP, and what MAC address it belongs to The owner of the IP (if present) sends back a unicast packet to you with the answer (this means only you get the result of that arp query).

Hope that clear out your query !!

If helpful do rate the valuable post.

Regards

Ganesh.H

Go to solution
cisco
Level 1
Level 1
In response to Ganesh Hariharan

‎01-18-2010 01:20 AM

Hi Ganesh,

                      Thanks for the reply.now in below mention diagram

PC_1------L2Switch_1------Router------L2Switch_2------PC_2

a packet from PC_1 needs to go to PC_2 , what will the be destination MAC address when that data is transmitted from PC_1 ?

SourceMAC = MAC address of PC_1

Destination MAC = MAC address of L2Switch_1 or Router

Source IP = IP address of PC_1

Destination IP = IP address of PC_2

regards

Neo    

0 Helpful

Go to solution
prakadeesh
Level 1
Level 1
In response to cisco

‎01-18-2010 01:27 AM

Hi Neo,

           The destination MAC will be the mac of router l3 interface that is servering as the gateway for that subnet. and arp- a on the pc 1 will show the mac-add of the default gateway. I am assuming that both the pcs are on diff subnets.

thanks,

Prakadeesh

0 Helpful

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni
In response to cisco

‎01-18-2010 01:55 AM

Hi Neo,

As per the diagram PC_1------L2Switch_1------Router------L2Switch_2------PC_2

The destination mac will be the router internal interface that is facing towards the pc1,once the packet comes into router L3 ip address is checked against the routing table to route the packet to correct interface that is L2 switch_2 facing interface.once the frame comes to L2 switch_2 the mac is cheked against the arp table against the port where the mac is located.

This is the way a packet is travels from PC1 to PC2.

Hope that clear out your query!!

If helpful do rate the valuable post.

Regards

Ganesh.H

Go to solution
cisco
Level 1
Level 1
In response to Ganesh Hariharan

‎01-18-2010 02:24 AM

Hi ,

          why shouldnt it be the MAC address of L2Switch_1 instead of Router's MAC address.

regards

Neo

0 Helpful

Go to solution
Ganesh Hariharan
VIP Alumni
VIP Alumni
In response to cisco

‎01-18-2010 02:27 AM

Neo,

The default gateway is configured as L3 interface of router,so when packet goes to some destination it searches for the gateway ip address mac at that time switch 1 comes into play as it check the cam table about the entry of the router interface and provides the mac of the l3 inetrface of router to PC to forward the frame to asked ip address.

Hope that clear out your query!!

Regards

Ganesh.H

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to cisco

‎01-18-2010 03:56 AM 

cisco@learn wrote:
Hi ,
          why shouldnt it be the MAC address of L2Switch_1 instead of Router's MAC address.
regards
Neo

Neo

Ganesh has covered this in detail but just to give another way of looking at it -

L2 switching is about delivering the packet on the local subnet. To deliver a packet on the local subnet you use the mac-address of the destination device.

Routing or L3 switching is about delivering the packet to the local subnet. To deliver a packet to a remote subnet you use the IP address. Note that you also have to use mac-addresses but you are not using the mac-address of the destination device. You are using mac-addresses of intermediate devices ie. routers/L3 switches.

So if a  device on a subnet wants to send a packet to another device in the same subnet you can see from the above defintions that there is no need for routing because when the packet leaves the first device it is already on the local subnet. So the packet is forwarded by the L2 switch based only on the mac-address of the destination device.

If a device wants to send a packet to another device on a remote subnet then it has to be routed first. It cannot be L2 switched because when the packet leaves the first device it is not on the local subnet. So it has to be sent to an intermediary device ie. a router/L3 switch.

So from your diagram PC1 is on a different subnet than PC2. So Pc1 wants to send a packet to PC2. PC2 is on a different subnet so we know the packet has to be routed to that subnet. So PC1 uses it's default-gateway (which we are assuming is the router interface on that subnet) and sends the packet to the router because it has to be routed - the packet looks like this -

src mac-address PC1

destination mac-address - router interface

src IP  PC1

dst IP PC2

when the router sends the packet to PC2

src mac  router interface on the subnet which connects to PC2

dst mac  PC2

src IP  PC1

dst IP  PC2

notice that the mac-addresses change and that makes sense because mac-addresses are only significant on the local subnet and as the packet has gone across 2 subnets they have to change. Notice also that the L3 IP address never changes because they are not locally significant, they stay the same across subnets.

Jon

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎01-18-2010 07:12 AM

Hello Neo,

first of all, we need to distinguish between CAM table and ARP table they are two different concepts

a L2 switch uses the CAM table to forward frames within the same broadcast domain, typically from an host to its default gateway of between two hosts in the same subnet.

In this a L2 switch acts as a transparent bridge that learns MAC addresses by listening to frames received on its ports.

And also means the L2 switch cannot change a frame (transparent) it just decides if the frame has to be forwarded or discarded.

The CAM table uses vlan number, port, MAC address to organize information

A L2 switch has also an ARP table that is used by the switch management TCP/IP stack in order to be managed by remote: to support SNMP, telnet, SSH, ICMP and so on.

An ARP table is a list of associations IP address / MAC address, multiple IP addresses can be associated to the same MAC address

Jon and Ganeshh have explained the scenario that you have proposed.

I've just written two notes about terminology.

As Jon has noted only the router can perform packet rewrite that means changing the ethernet frame header (MAC SA, MAC DA) and also IP packet header (reduce TTL and recalculate checksum).

A transparent bridge = L2 switch can only decide between forwarding or not forwarding a frame ( L2 PDU)

A frame is not forwarded if according to switch CAM table frame destination MAC address is on the same port where the frame has been received.

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card