cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3953
Views
0
Helpful
1
Replies

ARP table on switches

axfalk
Level 1
Level 1

I have always thought that ARP tables get created on routers only. However, I just noticed our Cat-2950 switch has an ARP table as well as the cam table. Since this switch has no layer 3 visibility, what exactly is this ARP table for and is it in some form related to the cam table?

Thanks...

1 Accepted Solution

Accepted Solutions

Roberto Salazar
Level 8
Level 8

PC's also have arp table and we know PCs are not Layer 3 devices, it has ARP entry because ARP is part of IP stack. ARP as you know is binding of known L3 address to L2 mac-address. ARP happens when a device tries to communicate to a L3 address (IP) but it does not have a hardware address also known as mac-address, how will it resolve it? I will send an ARP to try to resolve that IP address. If you notive on that 2950, it will only have ARP entry for devices it pinged that are on the same subnet as it's management interface (usually vlan 1), same with PC the arp entries on PC's are for the devices on the same subnet as it's own IP address and of course the ARP entry for the default-gateway. so what happens, if it tries to communicate to an IP address outside it's subnet, does it ARP? The answer is it depends, since the destination is another subnet, it (being the PC or Layer 2 only device) will know that it needs to send that packet to it default-gateway, so if that PC or layer 2 device does not have ARP entry for default-gateway's ip address it will arp for that address, the defualt-gateway.

CAM table on the other hand is a strictly layer 2 switch job. Switch builds it's CAM table according to the source mac-address of the packet it receives. why source mac-address? Take an example of PC1 connected to port 1/1 witch mac-address MAC-A, PC1 sends a packets, the switch being a learning bridge, sees that a packet it recieved on port 1/1 have a source mac-address of MAC-A, it builds a CAM table that says, I learned this mac-address, MAC-A, on port 1/1, so that next time it gets a packet that is destined to mac-address MAC-A, it will know NOT to flood it to all the port, otherwise, it will flood. So, it is not related to ARP at all.

I think that explains that.

Please rate all posts.

View solution in original post

1 Reply 1

Roberto Salazar
Level 8
Level 8

PC's also have arp table and we know PCs are not Layer 3 devices, it has ARP entry because ARP is part of IP stack. ARP as you know is binding of known L3 address to L2 mac-address. ARP happens when a device tries to communicate to a L3 address (IP) but it does not have a hardware address also known as mac-address, how will it resolve it? I will send an ARP to try to resolve that IP address. If you notive on that 2950, it will only have ARP entry for devices it pinged that are on the same subnet as it's management interface (usually vlan 1), same with PC the arp entries on PC's are for the devices on the same subnet as it's own IP address and of course the ARP entry for the default-gateway. so what happens, if it tries to communicate to an IP address outside it's subnet, does it ARP? The answer is it depends, since the destination is another subnet, it (being the PC or Layer 2 only device) will know that it needs to send that packet to it default-gateway, so if that PC or layer 2 device does not have ARP entry for default-gateway's ip address it will arp for that address, the defualt-gateway.

CAM table on the other hand is a strictly layer 2 switch job. Switch builds it's CAM table according to the source mac-address of the packet it receives. why source mac-address? Take an example of PC1 connected to port 1/1 witch mac-address MAC-A, PC1 sends a packets, the switch being a learning bridge, sees that a packet it recieved on port 1/1 have a source mac-address of MAC-A, it builds a CAM table that says, I learned this mac-address, MAC-A, on port 1/1, so that next time it gets a packet that is destined to mac-address MAC-A, it will know NOT to flood it to all the port, otherwise, it will flood. So, it is not related to ARP at all.

I think that explains that.

Please rate all posts.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: