Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

switch question


please suggest me :)

- when a frame arrive to switch, if switch have three port outgoing for this mac-address it will forward out three port?

- In fact the switch layer 2 can operate at layer 1 and 2 only if i apply extended acl to it how switch work ?


Re: switch question

Hi Friend,

I am not able to think of a situation where a mac address will be a learned on 3 outgoing ports unless and untill it is a loop because if that happens if it a loop like a hub connected to switch with 2 ports and pc connected to hub and pc mac address will be learned on 2 ports of switches now which can create a loop in network.

Coming to your second question switches will normally work at layer 2 only.

If you apply extended ACL to any interface any traffic hitting that interface will be checked to that ACL depening on the direction of traffic and direction of your ACL configured and as per the ACL switch will take decision to drop the traffic or formard the traffic.



New Member

Re: switch question

Hi Ankur

- I have two firewall load-sharing that use virtual mac-address and i have two switch that connect with them with trunk then when i show mac-address table on switch the mac-address of firewall will outgoing two interface (via directly to firewall and trunk port of switch) when we have traffic would like to go through firewall, switch will forward traffic out two interface ?

- Switch layer2 can filter tcp segment ? or ip packet ? it only work on layer2 right.. why extended acl can apply ?

Thanks for reply and your kindly

Re: switch question

Hi Friend,

- Does your firewall are working in active-standby mode or active-active mode?

- AFAIK All Cisco switches are store and forward, meaning they receive a full frame before making a forwarding decision. This allows the switch to throw away errored frames, and to look at any field to perform filtering, QOS or whatever is needed.

So the answer is that the current generation layer 2 switch with enhance image does understand layers 1-4, but forwarding decisions are based on layer 2.

HTH, if yes please rate the post.


CreatePlease login to create content