Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Mac-address table in IOS Routers

Hey All - Perhaps this ask may sound insane. But I am very curious to get the answer.

 

Does Cisco Router maintain a MAC Address table like Switch?. In all my production routers I am seeing the MAC address table empty though IP ARP table is populated with IP->ARP mapping.

rtr1-arabon#show mac-address-table
rtr1-arabon#

 

 rtr1-arabon#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  10.15.20.1          187   0050.56af.5996  ARPA   Port-channel1.20
Internet  10.15.20.2            -      0000.0c07.ac00  ARPA   Port-channel1.20
rtr1-arabon#sh ip int brief


Port-channel1.20            10.15.203.124  YES NVRAM  up                    up
 

 

regards / SAIRAM

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Hello Sairam,Routers do not

Hello Sairam,

Routers do not normally maintain MAC address tables. Please do not confuse MAC address table and an ARP table. MAC address table maps MAC addresses to switchports where the owners of individual MAC addresses are attached. ARP table maps IP addresses of directly attached neighbors to their MAC addresses. Note that MAC address table and ARP table have nothing in common, and you do not  need to maintain one to populate the other.

On a router, you may find that the show mac address-table command is supported. This command would display a non-empty output if your router had a switching module installed, such as HWIC-4ESW or similar, because in that case, the router also has a switching hardware and behaves both as a router and as a switch. If there was a switching module installed into the router, the show mac address-table would show you the MAC addresses learned on individual ports of the switching module. On a router without a switching module, this command displays nothing.

Best regards,
Peter

Cisco Employee

Hi Sairam,With that said, if

Hi Sairam,

With that said, if I have a Metro Ethernet Link connected to one of the GE Routed Port (GE0/1), how does the router reaches the other end peer router. I thought the router will learn the MAC Address of the remote end router and populate that in the MAC address table.

The gi0/1 interface on your router is a routed interface. That means that whatever is going to be sent out that interface is primarily determined by routing, not by switching. The routing table is the key answer here - it is exactly the routing table that will say: "With this packet, you need to send it out the gi0/1 interface". Then, and only then, the router will try to forward the packet out the gi0/1 interface. If the routing table does not point out the gi0/1 interface, no packets are going to be sent out that interface.

Keep in mind that our gi0/1 interface is assigned an IP address in some IP subnet. When your router needs to send a packet to someone else in the same subnet, it will first do a lookup in the ARP table to see if the IP/MAC mapping is already there. If it is, it will just use it. If it isn't, it will broadcast an ARP request and wait for the reply.

The same process would happen if the destination was reachable via an IP next hop address that belongs to the IP subnet of gi0/1 - that next hop address would be looked up in the ARP table, and if it is not there, the router would need to send an ARP request.

But I am able to ping the Remote end Router connected to GE0/1, though there is no MAC address entry in the MAC address table (of course the MAC address of the remote router is in the ARP table)

Yes. That is because when you ping the other end, you ping a host that is in the same IP network as your gi0/1 interface. That is the impulse for your router to send the packet out gi0/1, populating the ARP table in the process.

How to troubleshoot in Layer 2 perspective if the Remote end router is not reachable?

On a routed interface, your options are extremely limited. Neither the routing table nor the ARP table is populated based solely on an IP packet received from the other end. To populate an ARP table, you absolutely need to have an ARP conversation with the other router, and if the other router does not respond to ARP, there is no way of you learning its IP/MAC mapping automatically.

Usually, when I cannot ping the other end router, I at least have a look into the ARP table whether the remote router's MAC address has been discovered via ARP. If not, the IP communication principially cannot work, so I do not even try using IP-based troubleshooting tools. In that case, I need to find out if the remote router is attached, up and running. CDP can be very helpful here.

If the ARP table is populated but the router does not respond to, say, pings then it is often a matter of ACLs or routing. Sometimes I have seen situations when the netmask of the local and remote router was mismatched, one of them was more specific, and the routing protocol advertised both the less and the more specific routes, and the path toward the more specific route went around the entire topology, possibly hitting some stateful firewalls. That was quite nasty to debug wink

Please feel welcome to ask further!

Best regards,
Peter

 

6 REPLIES
Cisco Employee

Hello Sairam,Routers do not

Hello Sairam,

Routers do not normally maintain MAC address tables. Please do not confuse MAC address table and an ARP table. MAC address table maps MAC addresses to switchports where the owners of individual MAC addresses are attached. ARP table maps IP addresses of directly attached neighbors to their MAC addresses. Note that MAC address table and ARP table have nothing in common, and you do not  need to maintain one to populate the other.

On a router, you may find that the show mac address-table command is supported. This command would display a non-empty output if your router had a switching module installed, such as HWIC-4ESW or similar, because in that case, the router also has a switching hardware and behaves both as a router and as a switch. If there was a switching module installed into the router, the show mac address-table would show you the MAC addresses learned on individual ports of the switching module. On a router without a switching module, this command displays nothing.

Best regards,
Peter

Community Member

Hello Peter - Thank you for

Hello Peter - Thank you for reply.

I am exactly seeing what you described. My router is installed with HWIC-4ESW card and the MAC Address table (show mac-address-table) shows the devices MAC address connected to these 4 ports only. I am not seeing the MAC address of the devices connected to any of the other routed ports like GE0/0, GE0/1.

 

With that said, if I have a Metro Ethernet Link connected to one of the GE Routed Port (GE0/1), how does the router reaches the other end peer router. I thought the router will learn the MAC Address of the remote end router and populate that in the MAC address table.

But I am able to ping the Remote end Router connected to GE0/1, though there is no MAC address entry in the MAC address table (of course the MAC address of the remote router is in the ARP table)

How to troubleshoot in Layer 2 perspective if the Remote end router is not reachable?

 

Thanks / SAIRAM

 

Cisco Employee

Hi Sairam,With that said, if

Hi Sairam,

With that said, if I have a Metro Ethernet Link connected to one of the GE Routed Port (GE0/1), how does the router reaches the other end peer router. I thought the router will learn the MAC Address of the remote end router and populate that in the MAC address table.

The gi0/1 interface on your router is a routed interface. That means that whatever is going to be sent out that interface is primarily determined by routing, not by switching. The routing table is the key answer here - it is exactly the routing table that will say: "With this packet, you need to send it out the gi0/1 interface". Then, and only then, the router will try to forward the packet out the gi0/1 interface. If the routing table does not point out the gi0/1 interface, no packets are going to be sent out that interface.

Keep in mind that our gi0/1 interface is assigned an IP address in some IP subnet. When your router needs to send a packet to someone else in the same subnet, it will first do a lookup in the ARP table to see if the IP/MAC mapping is already there. If it is, it will just use it. If it isn't, it will broadcast an ARP request and wait for the reply.

The same process would happen if the destination was reachable via an IP next hop address that belongs to the IP subnet of gi0/1 - that next hop address would be looked up in the ARP table, and if it is not there, the router would need to send an ARP request.

But I am able to ping the Remote end Router connected to GE0/1, though there is no MAC address entry in the MAC address table (of course the MAC address of the remote router is in the ARP table)

Yes. That is because when you ping the other end, you ping a host that is in the same IP network as your gi0/1 interface. That is the impulse for your router to send the packet out gi0/1, populating the ARP table in the process.

How to troubleshoot in Layer 2 perspective if the Remote end router is not reachable?

On a routed interface, your options are extremely limited. Neither the routing table nor the ARP table is populated based solely on an IP packet received from the other end. To populate an ARP table, you absolutely need to have an ARP conversation with the other router, and if the other router does not respond to ARP, there is no way of you learning its IP/MAC mapping automatically.

Usually, when I cannot ping the other end router, I at least have a look into the ARP table whether the remote router's MAC address has been discovered via ARP. If not, the IP communication principially cannot work, so I do not even try using IP-based troubleshooting tools. In that case, I need to find out if the remote router is attached, up and running. CDP can be very helpful here.

If the ARP table is populated but the router does not respond to, say, pings then it is often a matter of ACLs or routing. Sometimes I have seen situations when the netmask of the local and remote router was mismatched, one of them was more specific, and the routing protocol advertised both the less and the more specific routes, and the path toward the more specific route went around the entire topology, possibly hitting some stateful firewalls. That was quite nasty to debug wink

Please feel welcome to ask further!

Best regards,
Peter

 

Community Member

Hi Peter - Awesome

Hi Peter - Awesome explanation. Thanks. Though we guys work on high-end stuffs many time get confused or miss to note the fundamentals.  It was very useful.

 

SAIRAM

Cisco Employee

Hi Sairam,You are very much

Hi Sairam,

You are very much welcome. It has been a pleasure. Thank you for all the ratings!

Best regards,
Peter

 

Community Member

Re: Hello Sairam,Routers do not

Thank you very much :)
12413
Views
30
Helpful
6
Replies
CreatePlease to create content