Re: MAC Entries in 'Mac Address Table' of Switch

azmunnabi · ‎09-04-2013

Hi All,

I am new to CCNA and doing with switching part currently.

I am facing issue in understanding how is the entries in the MAC address table of the switches are made.

What I know is: MAC addresses in MAC Address Table of switches is the MAC of hosts which are directly or indirectly connected to the ports of those switches.

Please explain the MAC adresses in the MAC address table of the switches corresponding the scenario below:

================

3 Switches (2960 - 24TT) are connected. Say Switch A, Switch B and Switch C.

Switch A (Gig Eth 1/1) connected to Switch B (Gig Eth 1/1)

Switch B (Gig Eth 1/2) connected to Switch C (Gig Eth 1/1)

'sh version' command displays the below Mac Address of the Switches:

Switch A: Base ethernet MAC Address 0010.113C.D2EE

Switch B: Base ethernet MAC Address 000A.F3D5.09BD

Switch C: Base ethernet MAC Address 00E0.8FDE.01A1

Other input:

Switch A is in VTP Server Mode. It has 3 Vlans (Default + 2).

Switch B and Switch C is in client mode.

No Host is connected to any of the switches.

Below is the output of 'Mac Address Table' of the Switches:

Mac Address Table for Switch A:

Vlan Mac Address Type Ports

1 0090.2b2e.5501 Dynamic Gig1/1

2 0090.2b2e.5501 Dynamic Gig1/1

3 0090.2b2e.5501 Dynamic Gig1/1

Mac Adress Table for Switch B:

Vlan Mac Address Type Ports

1 0060.2f32.c801 Dynamic Gig1/1

1 00d0.d3da.e501 Dynamic Gig1/2

Mac Address Table for Switch C:

Vlan Mac Address Type Ports

1 0090.2b2e.5502 Dynamic Gig1/1

2 0090.2b2e.5502 Dynamic Gig1/1

3 0090.2b2e.5502 Dynamic Gig1/1

Can Some one please explain:

To which interface the MAC (of MAC address tables) belongs ?

Mac Address in the Mac Table is not of any siwtches ( As per 'sh version'), also no host is connected to any switch ports.

Also explain, Significance of MAC entry corresponding to each VLAN?

Suggest if there is any other way of viewing MAC of switches and its interfaces?

Any help appreciated. Thanks.

Rolf Fischer · ‎09-04-2013

Hi,

imagine a VLAN as a virtual switch which can span multiple physical switches.

Every VLAN has it's own mac-address table and there is no layer-2 communication between different VLANs.

The MAC addresses you've posted are most likely the port MAC addresses used by the spanning-tree protocol (STP); you can verify that with the show spanning-tree commands [*].

Switch B seems to be the ST root bridge for VLAN 1-3, hence every two seconds it sends BPDUs for every VLAN to the neighbor-switches. Every port of a switch has to have a different MAC-address for the STP, but a port's MAC-address can be used for every VLAN. Switch A and C learn B's MAC addresses which are used as source addresses in the BPDUs.

[edit]

Other layer-2 protocols like CDP, VTP, DTP, etc. use the port MAC addresses as well, that's the reason why you see the two VLAN-1-entries on switch B.

[*] Actually I couldn't find any ST show-command on a c2960 which shows the source MAC addresses, I had to run a debug spanning-tree bpdu instead:

STP: enc 01 00 0C CC CC CD EC 30 91 69 C1 81 00 32 AA AA 03 00 00 0C 01 0B

Switch1#show mac address-table dynamic

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

1 ec30.9169.c181 DYNAMIC Fa0/1

2 ec30.9169.c181 DYNAMIC Fa0/1

3 ec30.9169.c181 DYNAMIC Fa0/1

-------------------------------------------------------------

Switch2#show interfaces fa0/1 | include bia

Hardware is Fast Ethernet, address is ec30.9169.c181 (bia ec30.9169.c181)

Feel free to ask further!

Hope that helps

Rolf

azmunnabi · ‎09-05-2013

Thanks Rolf,

Yes The MAC in the CAM table of switches is of the trunk port of the connected switch.

I came across '#sh interfaces gigabitEthernet ' and the MAC of the ports was as expected which is learned by the MAC address table of neighbour switch.

Your explaination is helpful in terms that Layer 2 protocol is using the MAC adresses of switch ports in communcating to each ohther, and this is how the MAC address table is growing.

Also Switch B is the root bridge of ST for Vlan1-3. Here command #sh spanning-tree worked.

But I did not get why Switch B has entry corresponding to VLAN 1 only in the MAC adress table.

Why is there no entry for VLAN2 and VLAN3?

Mac Adress Table for Switch B:

Vlan Mac Address Type Ports

1 0060.2f32.c801 Dynamic Gig1/1

1 00d0.d3da.e501 Dynamic Gig1/2

Also If it can be explained:

BPDU is send from the root to non-root bridge only (after the Switch fabric is once converged) .

Can't BPDU flow in the opposite direction as well?

Appreciate your help.

Azmun

Rolf Fischer · ‎09-05-2013

Hi Azmun,

Why is there no entry for VLAN2 and VLAN3?

Protocols like CDP, VTP, DTP, etc. send their frames without a VLAN-tag, so the receiving switch will assign them to VLAN1. None of these protocols send tagged frames in VLAN2 or 3.

The Cisco implementations of STP/Rapid-STP run a STP-instance for each VLAN, so BPDUs are send untagged for VLAN1 and with the appropriate VLAN-tag for all the other VLANs.

In your topology, Switch B is the root-bridge for all the VLANs, so it sends BPDUs for every VLAN on all the active links. Non-root bridges send BPDUs as well, but not in direction back to the root-bridge in a stable topology.

Hope that helps

Rolf

azmunnabi · ‎09-06-2013

Thanks Rolf,

Disussion of the MAC entries, brought in STP (BPDUs), Untagged frames, and other protocols.

Now Native VLAN below.

To sum up, based on your explaination:

Switch B has entry for VLAN-1 only as some Layer 2 protocols are communicating without VLAN tag.

Switch B has no entry for VLAN-2 and VLAN-3, as it being a ST root bridge for all VLAN, doesn't recieve BPDU from non-root bridge. Thus no frames are coming at Switch B corresponding to VLAN 2 or 3.

Switch A and Switch C has entry for all VLANs (Valn 1-3), as they recieve BPDU frames for all VLAN from ST Root Bridge. And other Protocols are also commincating using VLAN 1.

Native VLAN Change in topology:

I changed the Native VLAN to 2, to see that untagged frames (of VTP, CDP and other) coming at Switch B is now assigned to VLAN 2.

Switch B now has the enetry for VLAN 1 and VLAN2 in their MAC adress table.

Thanks again to your explaination. Because of untagged frame coming at Switch B, MAC entry for VLAN 2 (Native VLAN) is created

So I concluded three points:

1. Frames of protocols (like DTP, VTP etc) are send untagged thus assigned to Native VLAN.

[Results in MAC entry for Native VLAN. i.e VLAN 2; when the Native VLAN is changed to VLAN 2]

2. Some other frames must be transmitted using VLAN 1(Management VLAN).

[Results in MAC entry for VLAN 1 in Switch B.].

* Currently no idea which frame is using VLAN 1 and which is using Native VLAN.

3. BPDUs in stable topology are send from root to non-root bridge for all VLANs.

No BPDU in opposite direction ( after STP convergence in stable topology)

[ Results No MAC entry for different VLANs (except Native VLAN and VLAN 1) in ST root bridge (Switch B) ]

Pls correct if I am wrong some where.

I will further study to see which all protocols are communicating using VLAN 1 and which communicates un tagged (assigned to Native VLAN).

Hope my understanding of VLAN 1 and Native VLAN is ok.

Appreciate your help and input

Azmun

Message was edited by: azmun nabi

Rolf Fischer · ‎09-07-2013

Hi Azmun,

you're asking some great questions and you've well done in studying, labbing and making conclusions. That's a great studying technique and for the forum members it's also much easier to provide with adequate answers.

In fact, when I started learning Ethernet, Switching and the associated protocols, I came to very similar conclusions first, because they appeared obvious.

In this discussion, I left out the native VLAN so far for simplifying because the relationship of the native VLAN and control traffic like CDP and VTP on the one hand and Cisco's per-VLAN versions of the STP on the other can be a little bit confusing:

Here you can find a detailed discussion about control traffic and VLAN 1 / native VLAN (I couldn't explain better):

https://supportforums.cisco.com/thread/2015714

To sum up: No matter what VLAN is configured as Native and no matter if VLAN 1 is manually pruned or not (switchport trunk allowed vlan), CDP, VTP, ... are always send untagged and belong to VLAN 1 by definition. The restrictions which we can configure for VLAN 1 refer for the very most part to user traffic, not to control traffic.

Concerning STP on trunk-ports, we first have to to know that Cisco PVST+ and RPVST+ use additional BPDUs on a per-VLAN basis and this BPDUs use a different destination MAC-address. For compatibility to switches using IEEE versions of the STP, BPDUs with the IEEE destination address are send as well. Those IEEE BPDUs are always send untagged in VLAN 1. In contrast, the Cisco proprietary BPDUs ("SSTP BPDUs") are send untagged on the Native VLAN and tagged on every non-native VLAN.

I think this are details beyond the scope of the CCNA exam, but it's always good to scrutinize how things actually work. So keep on studying!

Best regards

Rolf

azmunnabi · ‎09-08-2013

Thanks Rolf for encouragement and response to all the queries.

I will surely go through the VLAN discussion shared by you.

STP part was quite tough to interprete in your last post; but it's ok, as I will restrict myself to CCNA level for now.

And Yes - Hope you will respond, when other doubts are raised by me. ( May be some of them turn dumb )

Best Regards,

Azmun

Rolf Fischer · ‎09-08-2013

Azmun,

you're welcome!

STP part was quite tough to interprete in your last post;

Yeah,I know. That's why I tried to keep the first postings simple. There are so many concepts! It took me years to learn all this stuff and I still learn something new every day. So give yourself some time but never stop asking.

Best regards

Rolf