Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2407
Views
0
Helpful
6
Replies

Packet Flow

Go to solution
Maro.Cisco
Level 1
Level 1

‎02-01-2014 08:42 PM - edited ‎03-07-2019 05:56 PM

PC--------------------L2switch-------------core----------------------L2switch

172.16.4.2           172.16.11.1           172.16.11.222               172.16.11.2

Vlan 4                     Vlan2                       Vlan2    (SVI)                Vlan2

                                                           172.16.4.222

                                                                Vlan4 (SVI)

PC wants to ping 172.16.11.2

1)ARP request for 172.16.4.222 from PC

2)packet will be sent from PC to Core with destination MAC of 172.16.4.222 and Destination IP of 172.16.11.2

3)ARP request for 172.16.11.2 from Core

4) Packet will reach 172.16.11.2

If L2Switch ( 172.16.11.2) doesnt have default gateway set how will it be able to reply to 172.16.4.2???

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
daniel.dib
Level 7
Level 7

‎02-01-2014 11:52 PM

1) PC compares DST IP to local address and the address it not in same subnet.

2) ARP for default gateway at 172.16.4.222

3) Core replies with its MAC address for 172.16.4.222

4) PC sends packet with SRC IP = 172.16.4.2, DST IP = 172.16.11.2

5) L2 switch looks at DST MAC in VLAN 4, VLAN 4 must be configured on the switch

6) If DST MAC is known send it towards core otherwise flood it to all ports except incoming in VLAN 4

7) Frame is sent towards core, tagged with VLAN 4

8) Packet arrives to core, pop VLAN tag. DST MAC = SVI VLAN 4 so process the packet

9) Look up 172.16.11.2 in routing table

10) Send packet to 172.16.11.2 with SRC IP = 172.16.4.2, DST IP = 172.16.11.2, SRC MAC = SVI VLAN 2, DST MAC = L2 switch VLAN 2

11) L2 switch processes packet because DST MAC was for it. If it is L2 only it must have GW configured otherwise it can't forward the packet.

The only exception would be if L2 switch has a network mask that makes it believe that 172.16.4.2 is in the same subnet and if the core device has proxy ARP enabled.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

View solution in original post

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Maro.Cisco

‎02-02-2014 05:40 AM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Maro.Cisco wrote:
Daniel thats what i thought but my customer network has all the L2 switches without any GW and they are replying to the ping , how come ???

Do GWs support proxy?

View solution in original post

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Maro.Cisco

‎02-02-2014 06:08 AM

A L2 switch in terms of connecting to it or from it basically acts as an end device. If you do not configure a default gateway on an end device then it believes every destination IP is reachable on the network and simply arps out for it.

So when the L2 switch arps out for the PC mac address the core switch, assuming it is running proxy arp,  simply replies to the arp request with it's own mac address and the switch sends the packet to the core switch.

If your core switch is not running proxy arp then i can't see how it is working.

Jon

View solution in original post

0 Helpful
6 Replies 6

Go to solution
daniel.dib
Level 7
Level 7

‎02-01-2014 11:52 PM

1) PC compares DST IP to local address and the address it not in same subnet.

2) ARP for default gateway at 172.16.4.222

3) Core replies with its MAC address for 172.16.4.222

4) PC sends packet with SRC IP = 172.16.4.2, DST IP = 172.16.11.2

5) L2 switch looks at DST MAC in VLAN 4, VLAN 4 must be configured on the switch

6) If DST MAC is known send it towards core otherwise flood it to all ports except incoming in VLAN 4

7) Frame is sent towards core, tagged with VLAN 4

8) Packet arrives to core, pop VLAN tag. DST MAC = SVI VLAN 4 so process the packet

9) Look up 172.16.11.2 in routing table

10) Send packet to 172.16.11.2 with SRC IP = 172.16.4.2, DST IP = 172.16.11.2, SRC MAC = SVI VLAN 2, DST MAC = L2 switch VLAN 2

11) L2 switch processes packet because DST MAC was for it. If it is L2 only it must have GW configured otherwise it can't forward the packet.

The only exception would be if L2 switch has a network mask that makes it believe that 172.16.4.2 is in the same subnet and if the core device has proxy ARP enabled.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful

Go to solution
Maro.Cisco
Level 1
Level 1
In response to daniel.dib

‎02-02-2014 04:53 AM

Daniel thats what i thought but my customer network has all the L2 switches without any GW and they are replying to the ping , how come ???

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Maro.Cisco

‎02-02-2014 05:40 AM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Maro.Cisco wrote:
Daniel thats what i thought but my customer network has all the L2 switches without any GW and they are replying to the ping , how come ???

Do GWs support proxy?

0 Helpful

Go to solution
Maro.Cisco
Level 1
Level 1
In response to Joseph W. Doherty

‎02-02-2014 05:52 AM

Actually im not sure tomorrow ill check this out when im at the customer site , but if proxy configured on the core then in this case how the L2 switch will be able to reply to the ping requests

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Maro.Cisco

‎02-02-2014 06:08 AM

A L2 switch in terms of connecting to it or from it basically acts as an end device. If you do not configure a default gateway on an end device then it believes every destination IP is reachable on the network and simply arps out for it.

So when the L2 switch arps out for the PC mac address the core switch, assuming it is running proxy arp,  simply replies to the arp request with it's own mac address and the switch sends the packet to the core switch.

If your core switch is not running proxy arp then i can't see how it is working.

Jon

0 Helpful

Go to solution
Maro.Cisco
Level 1
Level 1
In response to Jon Marshall

‎02-02-2014 07:02 PM

Actually i just checked and yes all the SVI's created on core switch does have Proxy-ARP enabled by default , so L2switch broadcast ARP request , Core switch recieve it and then reply with VLAN 2 SVI mac address to L2switch.Please correct me if im wrong and thanks for your help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card