NUMBER OF MAC ADDRESSES FOR A LAYER 2 SWITCH

vipin.vikraman
Level 1

Hi everyone,

How many MAC addresses does an L2 switch have? Does it have a MAC address for each and every port, or one MAC for the switch as a whole? Say I have a scenario in which my host is directly connected to a router through Ethernet. What normally happens is that, to start communication, the host finds the MAC address of the respective router interface through an ARP broadcast. In case I place an L2 switch in between the host and the router, what would be the destination MAC address for the host at that point so that it can reach the router? Also, if I replace the L2 switch with an L1 switch/hub, what will be the destination MAC for the host in that case?

Vipin Vikraman


nkarpysh
Cisco Employee

Hello

Your L2 switch will learn the router MAC on the port the router is connected to (when the first packet from the router comes in on the switch). For you it means that the host will still use the router MAC and the switch will know on which port it needs to send that. In case the router MAC is expired/deleted, the switch will broadcast the packets sent to the router MAC until it gets a new packet from the router (and learns the MAC again).

For an L1 hub, it is the same. The host will always use the router MAC as long as they are in the same VLAN.

Nik

HTH,
Niko

flokki123
Level 3

hi vipin,

a switch itself has only one mac address and that is used if you e.g. try to reach the switch via gui or telnet. but the mac address of the switch is never put in the dest. mac header of a packet (only if you try to reach the switch itself), on the way to e.g. the gateway or another pc.

on the way to another device in the broadcast domain the packet is put on the medium and if there is a switch in between, the switch takes the packet and makes an intelligent forwarding decision based on the mac addresses which are already learned; if they are not known already the switch makes a broadcast. that is what nikolay mentioned above.

but if you try to send a packet out of the broadcast domain the packet is sent directly to the local gateway, as if you would send the packet to the switch, the switch wouldn't know what to do with the packet, as it doesn't see that the packet is supposed to be sent out of the broadcast domain (L2 switches have nothing to do with the ip address).

and your pc normally knows the ip address of the local gateway, so if not known already, the pc has only to arp for the mac and then is able to put it in the frame.

this is different for an L3 switch, as e.g. if you work with inter-vlan routing your switch is actually your local gateway.

regards,

florian

Thanks a lot, Florian and Nikolay

Regards

Vipin Vikraman thankappan

Hi all,

So an L2 switch has only one MAC address regardless of the number of ports it has, and that MAC address is used only while we are accessing the switch through the GUI or management VLAN. Anyone who has a different view, please make your posts.

Regards

Vipin Vikraman thankappan

Peter Paluch
Cisco Employee

Vipin,

The situation with MAC addresses owned by a switch is quite convoluted.

An unmanaged (i.e. not configurable) switch does not need and does not have any own MAC addresses because it is never a source or a destination of an Ethernet frame. It simply relays frames between its ports without being their source or destination. To the hosts connected to this switch, it is not visible; sometimes we say it is a transparent switch or bridge. Once more - to perform a basic switching function, a switch does not need to have any MAC addresses.

However, as soon as the switch has an added intelligence and needs to receive or send frames itself, it obviously must have its own MAC address. This added intelligence may be, for example, the ability to manage it remotely via Telnet, SSH or WWW, support for Spanning Tree Protocol, EtherChannels, UDLD, CDP or LLDP, and many, many more. Depending on the supported functionality, such a switch may have one or more MAC addresses.

Cisco Catalyst switches usually have one unique MAC address per physical port, plus a set of surplus MAC addresses for diverse virtual interfaces (Port-channels, Switched Virtual Interfaces). However, they have them not in order to perform the basic switching function but rather as a need of the added functions on the switch that require that the switch itself is visible in the network and is an originator or receiver of messages in certain control protocols.

Best regards,

Peter
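
The behaviour described in the replies above (the host always addresses frames to the router's MAC, and a switch that only forwards needs no MAC of its own) as a small simulation. This is an added example, not part of any poster's reply; the MAC addresses, port numbers and 300-second aging time are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed sample addresses (IANA documentation range), not from the thread.
HOST = "00:00:5e:00:53:01"
ROUTER = "00:00:5e:00:53:fe"


@dataclass
class LearningSwitch:
    """Transparent bridge: it owns no MAC and never rewrites a frame."""
    ports: tuple
    aging: float = 300.0                        # assumed idle timeout, seconds
    table: dict = field(default_factory=dict)   # MAC -> (port, last_seen)

    def receive(self, in_port, src, dst, now):
        """Return the ports the unmodified frame is sent out of."""
        # Drop entries that have been idle for the aging time or longer.
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < self.aging}
        # Learn (or refresh) the sender's location from the source MAC.
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if entry is None:
            # Unknown destination: flood to every port except the ingress.
            return [p for p in self.ports if p != in_port]
        out_port = entry[0]
        # Known destination: one port, or nothing if it sits on the ingress.
        return [] if out_port == in_port else [out_port]


def demo():
    """Host on port 1, router on port 2, an idle port 3."""
    sw = LearningSwitch(ports=(1, 2, 3))
    return [
        sw.receive(1, HOST, ROUTER, now=0),    # router not learned yet
        sw.receive(2, ROUTER, HOST, now=1),    # reply teaches router's port
        sw.receive(1, HOST, ROUTER, now=2),    # forwarded to port 2 only
        sw.receive(1, HOST, ROUTER, now=400),  # router entry aged out
    ]


if __name__ == "__main__":
    for out_ports in demo():
        print(out_ports)
```

In every call the destination is the router's MAC; the only thing that changes is whether the frame leaves on one port or is flooded to all of them, which is also when a device on the idle port 3 gets to see it.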

Hi Peter,

Thanks for your view. Is it required for a switch to have more than one MAC in order to have spanning tree or EtherChanneling configured? Because as per my understanding a switch needs only one MAC for the STP election process; also, for layer 2 EtherChanneling the switch binds all ports under one channel group to a single MAC. Kindly correct me if I am wrong... and by saying added intelligence, are you referring to layer 3 switches?

Regards

Vipin Vikraman thankappan

hi peter,

thanks for the clarification.

so if you say, a switch has normally one unique mac address per physical port, would that mean that e.g. a 24 port switch has actually 24 mac addresses? and if i try to reach the switch via lets say telnet that i would have different mac addresses if i try that on different ports?

thanks for your help.

florian


Each port indeed has its own MAC, as the MAC address is built in on the port NIC. The MGMT SVI will have a different MAC address.

A port will use its own MAC for STP calculation - e.g. when there is equality in all parameters between two ports on connected switches for selection of the designated port on that link. Each port will use its own MAC for that.

Note: This is different for High end Platforms e.g. 7600 or 6500 - all ports by default will have platform MAC address (can be seen by sh catalyst6000 chassis-mac-addresses).

Nik

HTH,
Niko

i am a little bit confused cause i never see different mac addresses on switches.

e.g. i made a ping to a switch and could see its mac in the arp table of my pc, then i connected my pc to another port, cleared my arp table and pinged again and got the same mac as before.

or are the different mac addresses only for some internal services like stp and etherchannel?

florian

Hi Florian,

What you get is the MAC of the SVI where you have the IP address assigned. On an L2 switch that is different from the port MAC. Also, on an L2 switch you can't configure an IP on a physical port, thus the MAC will always be the same: the MAC of the SVI. If you have a chance you can do the "show interface" command and see all the MAC addresses assigned to physical ports and SVIs. On 2960 those will be different. On 6500 they will be the same by default.

Nik

HTH,
Niko

hi nikolay,

thanks for the answer.

but is there a reason that some switch ports have their own mac addresses besides for internal services like stp?

cause if you assign ip's you have to create vlans anyway on a switch, thus even if you would use only one mac this would be on different subnets and so it shouldn't be a problem.

florian

Well I believe that STP, CDP, etc etc use vlan 1 no matter what you do. Also, I think there is a difference between MACs assigned to specific ports because there are host machines behind it, and MACs assigned to SVI interfaces and/or port channels.

If you have a single 3750 stack and hook up 20 machines to this switch just using vlan 1, when you look at the MAC address table there will be a MAC address assigned to each port that is connected to this switch. This isn't necessarily a MAC assigned to a switch, but a MAC address assigned to a port because a host machine is behind it. On some switches you will see 64 MACs and/or 1024. I believe that means you can have up to 64 MACs assigned to intelligent devices on the switch such as port channels and SVI interfaces, which is why sometimes you have to use 'spanning-tree extended system-id'.

Please correct me if I'm wrong.

hi john,

AFAIK 'spanning-tree extended system-id', if I may say, is more for the root bridge STP stuff. I mean, many moons ago when STP calculated a root bridge for different vlans the root bridge used to create different mac addresses per vlan for the bridge-id, but with the newer IOS's it only shows up as one mac address for the root bridge.

so if you have 64 SVI's then you will still have 64 mac addresses for those SVI's.

Happy to be corrected

HTH

Kishore

I should have elaborated more. When I said 64 or 1024 (I know it goes up on newer switches, I believe), I was talking about the old way, which you so clearly demonstrated. But yes, by adding the 'spanning-tree extended system-id' command you can use the vlan number as part of the BID to make it unique, therefore not having to use up physical mac addresses which have been assigned to the switch.

Thanks for clarifying it Kishore! When I win the lotto I have a Happy Meal coming your way!
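
The two bridge ID schemes discussed in the last few replies, worked through in code. This is an added example, not part of any poster's reply. The 4-bit priority plus 12-bit VLAN layout is the standard extended system ID format; the MAC addresses are constructed, and handing out consecutive pool MACs per VLAN in the old scheme is an assumption made for illustration.

```python
def bridge_id(priority, mac, vlan=None):
    """Build the 8-byte STP bridge ID: 2-byte priority field + 6-byte MAC.

    vlan=None: legacy layout, all 16 bits of the field are priority.
    vlan=1..4094: extended system ID layout, top 4 bits are priority
    (multiples of 4096) and the low 12 bits carry the VLAN ID.
    """
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC must be 6 bytes")
    if vlan is None:
        if not 0 <= priority <= 0xFFFF:
            raise ValueError("legacy priority is 0..65535")
        prio_field = priority
    else:
        if priority % 4096 or not 0 <= priority <= 61440:
            raise ValueError("priority must be a multiple of 4096, 0..61440")
        if not 1 <= vlan <= 4094:
            raise ValueError("VLAN ID is 1..4094")
        prio_field = priority | vlan
    return prio_field.to_bytes(2, "big") + mac_bytes


def legacy_bids(priority, base_mac, vlans):
    """Old scheme (assumed allocation): each VLAN takes the next pool MAC."""
    base = int(base_mac.replace(":", ""), 16)
    return {vlan: bridge_id(priority, f"{base + i:012x}")
            for i, vlan in enumerate(sorted(vlans))}


def extended_bids(priority, base_mac, vlans):
    """Extended system ID: one MAC, the VLAN number makes each BID unique."""
    return {v: bridge_id(priority, base_mac, vlan=v) for v in vlans}


def macs_used(bids):
    """Number of distinct MAC addresses consumed by a set of bridge IDs."""
    return len({bid[2:] for bid in bids.values()})


def root_bridge(candidates):
    """Lowest bridge ID wins the root election; returns the winner's name."""
    return min(candidates, key=candidates.get)
```

With the default priority 32768 and VLAN 10 the priority field becomes 32778 (0x800a), so three VLANs give three distinct bridge IDs from a single MAC, where the old scheme used three MACs.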
