Destination MAC, Same Layer 2 LAN and Same Subnet?

Daughterofrnbsoul Member Posts: 29
Hello, I am a network noobie. I was wondering if, in order to get the destination MAC address of an IP host, that host must be on the same layer 2 VLAN and same layer 3 subnet :) ?

Comments

  • hurricane1091 Member Posts: 919
    A VLAN should match up with a subnet. So VLAN 1 is 192.168.1.0/24 we will say. If computer A is 192.168.1.5 and a subnet mask of 255.255.255.0 with a default gateway of 192.168.1.1, and it wants to go to computer B with an IP address of 192.168.1.X/24, it will simply ARP for the MAC Address of 192.168.1.X/24, and the switch will flood the ARP (if it does not already know the MAC address of 192.168.1.x/24) out all ports in VLAN 1. Computer B will respond, and the switch will record the MAC address and the port it came from, plus the MAC address and port associated with computer A. Computer A can then send a packet with the layer 2 destination MAC address of Computer B, and a layer 3 destination IP address of Computer B as well.

    If computer A wanted to go to 10.10.10.10, this is not on the same subnet, and the computer will ARP for the MAC of the default gateway (it does not do this every time, it does it once usually and then remembers the MAC), and send the packet with a layer 2 destination MAC address of the default gateway, and a layer 3 destination IP address of 10.10.10.10. The source/destination MAC address will be re-written at each routable hop, while the source and destination IP address will remain the same throughout the journey (unless a NAT occurs, we will not discuss that here).

    Hope this helps! Remember, layer 2 information is always needed to go to the next hop in a LAN. From a computer's perspective, the destination MAC address is always that of the default gateway if the layer 3 destination is on a different subnet. If the layer 3 destination address is on the same subnet the computer is on, a router is not needed, and the destination MAC address will be the host the computer is trying to get to. If you mistakenly put Computer A on VLAN 2, but Computer B correctly on VLAN 1, this is going to be a problem. Computer A will not be able to reach the default gateway if it is configured with the default gateway of VLAN 1 subnet, and the switch will not flood Computer A's ARP out the port Computer B is on! A VLAN always matches up 1 for 1 with a subnet.
  • Daughterofrnbsoul Member Posts: 29
    A VLAN should match up with a subnet. So VLAN 1 is 192.168.1.0/24 we will say. If computer A is 192.168.1.5 and a subnet mask of 255.255.255.0 with a default gateway of 192.168.1.1, and it wants to go to computer B with an IP address of 192.168.1.X/24, it will simply ARP for the MAC Address of 192.168.1.X/24, and the switch will flood the ARP (if it does not already know the MAC address of 192.168.1.x/24) out all ports in VLAN 1. Computer B will respond, and the switch will record the MAC address and the port it came from, plus the MAC address and port associated with computer A. Computer A can then send a packet with the layer 2 destination MAC address of Computer B, and a layer 3 destination IP address of Computer B as well.

    If computer A wanted to go to 10.10.10.10, this is not on the same subnet, and the computer will ARP for the MAC of the default gateway (it does not do this every time, it does it once usually and then remembers the MAC), and send the packet with a layer 2 destination MAC address of the default gateway, and a layer 3 destination IP address of 10.10.10.10. The source/destination MAC address will be re-written at each routable hop, while the source and destination IP address will remain the same throughout the journey (unless a NAT occurs, we will not discuss that here). Hope this helps! Remember, layer 2 information is always regarded to go to the next hop. From a computer's perspective, the destination MAC address is always that of the default gateway if the layer 3 destination is on a different subnet.

    That statement is similar to the Next Hop IP when forwarding an IP packet, correct? The Next Hop IP should be on the same subnet as you, right? Since the destination IP does not fall into a directly connected subnet ID and mask of a router's interface, the router can forward the IP packet to the next hop IP if he has a route that matches the destination IP along with the correct Next Hop IP "pointing to a neighboring router"? Can the next hop IP also be "assumed as a gateway"?
  • hurricane1091 Member Posts: 919
    That statement is similar to the Next Hop IP when forwarding an IP packet, correct? The Next Hop IP should be on the same subnet as you, right? Since the destination IP does not fall into a directly connected subnet ID and mask of a router's interface, the router can forward the IP packet to the next hop IP if he has a route that matches the destination IP along with the correct Next Hop IP "pointing to a neighboring router"? Can the next hop IP also be "assumed as a gateway"?

    So let us kind of step back here. I updated my last post by the way, for further clarity. Say in our example Computer A did want to go to 10.10.10.10, the packet arrives at 192.168.1.1, the default gateway for the computer, which for simplicity's sake, let us say it is the Gi0/0 interface on the router (which connects to the switch). The router then has a route to 10.10.10.10, which is learned from the neighboring router connected on Gi0/1. This Gi0/1 interface needs to be on the same subnet as the interface the cable connects to on the neighboring router. If you connected two routers together and they were not on the same subnet, the interface would not come up. You would see status as up, protocol as down. You can look at the router's next hop as a gateway.
  • rolando3321 Member Posts: 36
    I look at it this way. VLANs are like a subnet of their own. You need each VLAN to be in its own subnet. VLAN 1 can't be in the same subnet as VLAN 10, 20, etc.

    MAC address is used to communicate to the addresses on the same subnet as yourself (local network); if not, then it will go to the default gateway to then be routed.

    There are many ways we can describe a scenario and the results could differ, but let me try to paint a few to help your understanding.

    So let’s say you have a layer 2 switch and connected to it you have two pc’s and a router:

    PC1-vlan10----Switch1----R1
                  /
    PC2-vlan20---/

    pc1 ip address 192.168.1.10/24 on vlan 10 –default gateway 192.168.1.1/24
    Pc2 ip address 192.168.30.10/24 on vlan 20 –default gateway 192.168.30.1/24

    The switch will have a trunk line to the router that will allow different vlans to communicate over the connection. The layer 2 switch will have access interfaces that will only allow that vlan to go through the interface.

    On the router – let’s say that gigabit0/0 is the connection to the layer 2 switch. The router will have something like the following:

    Interface gigabit0/0.10 – this is a sub interface (other commands needed but for the sake of making it easier this is vlan 10)
    Ip address 192.168.1.1/24
    Interface gigabit0/0.20 – this is a sub interface (other commands needed but for the sake of making it easier this is vlan 20)
    Ip address 192.168.30.1/24
    Note: this interface is configured as a trunk and the switch's interface connecting to this router will also be a trunk

    If pc2 wanted to talk to (ping) pc1, it would do the following. It would look at its own IP address and subnet and realize that it is trying to reach someone outside of its own subnet. Pc2 will send a frame to the default gateway 192.168.30.1. This frame will have a MAC destination address of the router1 gig0/0 interface and the destination IP address will be that of pc1 (192.168.1.10).

    When the router receives that packet it will look at its routing table to make a decision of where it will forward/route to (we are using IP now; layer 3 not layer 2)

    In this situation the router is being used as a router on a stick (ROAS) so it will forward the frame out the gig0/0.10 interface with the source MAC address of R1 and the Destination MAC address of pc1 (because in this case pc1 is on the same subnet/local network)

    Layer 2 is using MAC addresses to find the host
    Layer 3 is using IP to get to the local network



    One more quick example:

    PC1 ---- SwitchA ---- R1 ---- R2 ---- SwitchB ---- PC2


    pc1 ip address 192.168.1.10/24 on vlan 10 –default gateway 192.168.1.1/24
    Pc2 ip address 192.168.30.10/24 on vlan 20 –default gateway 192.168.30.1/24
    R1 ip address 10.10.10.1/24
    R2 ip address 10.10.10.2/24

    From pc1 we want to ping pc2

    Pc1 calculates that the IP address it is trying to reach is not on the same subnet and sends the frame to its default gateway.

    Frame Pc1>R1 - MAC Destination address=R1 | IP destination address = 192.168.30.10
    R1 looks at the frame and makes a decision as to where to send it. It finds that R2 has a route to it.

    Frame R1>R2 – R1 encapsulates the packet into a new frame with the MAC destination address of R2 and the IP destination address of 192.168.30.10.

    R2 receives the frame and looks at its routing table. It has a connected route out to pc2.

    Frame R2>PC2 – MAC Destination address=pc2

    Routers 1 and 2 must be on the same local network to forward frames to each other, even though they are acting as a routing mechanic -- (what I mean is that it seems weird and a waste of IP addresses... I didn't want to believe that it had to be like this. I thought routers would just say, hey I have these routes so send it over here, but it is more than that.....)

    I might have gone overboard on my explanation and examples. I had a hard time grasping this concept and the VLAN part of it can be quite confusing. Hopefully this helps you out. There are exceptions to the rules but you got to start somewhere! Also I have some configuration missing, but I was just trying to show how the MAC destination address changes (the MAC source and destination are changing). The MAC is for the local subnet communication – otherwise we are using IP addresses to get to our destination network.
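The PC1 to PC2 walk through R1 and R2 described in the post above can be traced hop by hop. This is an added example, not code from the thread: the IP addressing comes from the post, while the MAC addresses, the routing-table entries and the `lookup`/`trace` helpers are constructed for illustration.

```python
import ipaddress

# IP addressing is from the second topology in the post; MACs and routes are constructed.
MAC = {
    "192.168.1.10": "aa:aa:aa:00:00:10",   # PC1
    "192.168.1.1": "aa:aa:aa:00:00:01",    # R1, LAN side
    "10.10.10.1": "bb:bb:bb:00:00:01",     # R1, link to R2
    "10.10.10.2": "bb:bb:bb:00:00:02",     # R2, link to R1
    "192.168.30.1": "cc:cc:cc:00:00:01",   # R2, LAN side
    "192.168.30.10": "cc:cc:cc:00:00:10",  # PC2
}
OWNER = {"192.168.1.10": "PC1", "192.168.1.1": "R1", "10.10.10.1": "R1",
         "10.10.10.2": "R2", "192.168.30.1": "R2", "192.168.30.10": "PC2"}
# device -> [(prefix, egress interface IP, next-hop IP or None when directly connected)]
ROUTES = {
    "PC1": [("192.168.1.0/24", "192.168.1.10", None),
            ("0.0.0.0/0", "192.168.1.10", "192.168.1.1")],
    "R1": [("192.168.1.0/24", "192.168.1.1", None),
           ("10.10.10.0/24", "10.10.10.1", None),
           ("192.168.30.0/24", "10.10.10.1", "10.10.10.2")],
    "R2": [("192.168.30.0/24", "192.168.30.1", None),
           ("10.10.10.0/24", "10.10.10.2", None),
           ("192.168.1.0/24", "10.10.10.2", "10.10.10.1")],
}

def lookup(device, dst_ip):
    """Longest-prefix match; returns (egress interface IP, IP to ARP for)."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(p), egress, nh)
               for p, egress, nh in ROUTES[device]
               if dst in ipaddress.ip_network(p)]
    if not matches:
        raise LookupError(f"{device} has no route to {dst_ip}")
    _, egress, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    return egress, next_hop or dst_ip  # connected route: ARP for the destination itself

def trace(src_device, src_ip, dst_ip):
    """Return the frame sent on each segment as (sender, src MAC, dst MAC, src IP, dst IP)."""
    frames, device = [], src_device
    while device != OWNER[dst_ip]:
        egress, arp_target = lookup(device, dst_ip)
        frames.append((device, MAC[egress], MAC[arp_target], src_ip, dst_ip))
        device = OWNER[arp_target]  # the device that answers the ARP receives the frame
    return frames

if __name__ == "__main__":
    for frame in trace("PC1", "192.168.1.10", "192.168.30.10"):
        print(frame)
```

Each of the three frames carries a different source and destination MAC, while the IP pair stays 192.168.1.10 to 192.168.30.10 on every segment.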
  • p@r0tuXus Member Posts: 532
    so it will forward the frame out the gig0/0.20 interface with the source MAC address of R1 and the Destination MAC address of pc1 (because in this case pc1 is on the same subnet/local network)

    Great examples! One small thing. You meant to put gig0/0.10 not gig0/0.20 in this sentence. Excellent explanations though!
    Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
    In Progress: Linux+/LPIC-1, Python, Bash
    Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
  • rolando3321 Member Posts: 36
    p@r0tuXus, Thank you for pointing out that mistake and for the positive feedback!

    The post has been updated with the correction.
  • dontstop Member Posts: 579
    Hello, I am a network noobie. I was wondering if, in order to get the destination MAC address of an IP host, that host must be on the same layer 2 VLAN and same layer 3 subnet :) ?

    Both conditions must be true otherwise the process will either get the default gateway MAC Address or the ARP will just fail. This example also neglects proxy ARP.

    Check out the little truth table I made below (Host A ARPs for -> Host B's IP Address):

    Host A -> B (Same VLAN, Different Subnet)
    Result: Host A will ARP for the default gateway (ARP request succeeds)

    Host A -> B (Same VLAN, Same Subnet)
    Result: Host A will ARP for Host B IP Address (ARP request succeeds)

    Host A -> B (Different VLAN, Same Subnet)
    Result: Host A will ARP for Host B (ARP will not cross a router border and will fail to get a reply)

    Host A -> B (Different VLAN, Different Subnet)
    Result: Host A will ARP for the default gateway
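The truth table in the last reply, together with the misplaced-VLAN case from the first reply, can be reproduced with a small model of the host's decision. This is an added example, not code from the thread: the `Host` class, `arp_outcome` and the sample addresses for Host B are constructed, the gateway is assumed to sit in VLAN 1, and proxy ARP is ignored as in the post.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Host:
    interface: str   # address with prefix length, e.g. "192.168.1.5/24"
    gateway: str     # configured default gateway
    vlan: int        # VLAN of the access port the host is plugged into

def arp_outcome(host, dst_ip, vlan_of):
    """Return (IP the host ARPs for, whether a reply comes back).

    vlan_of maps each IP on the switch to the VLAN it sits in. The ARP
    request is a broadcast that the switch floods only to ports in the
    sender's VLAN, so a target in another VLAN never sees it.
    """
    network = ipaddress.ip_interface(host.interface).network
    on_link = ipaddress.ip_address(dst_ip) in network
    target = dst_ip if on_link else host.gateway   # the host-side decision
    return target, vlan_of.get(target) == host.vlan

# Constructed sample: VLAN 1 is 192.168.1.0/24, as in the first reply.
GW = "192.168.1.1"
A = Host("192.168.1.5/24", GW, vlan=1)
A_MISPLACED = Host("192.168.1.5/24", GW, vlan=2)   # Computer A put on VLAN 2 by mistake

def truth_table():
    """The four VLAN/subnet combinations, plus the misplaced-host case."""
    return {
        "same VLAN, different subnet":
            arp_outcome(A, "10.10.10.10", {GW: 1, "10.10.10.10": 1}),
        "same VLAN, same subnet":
            arp_outcome(A, "192.168.1.20", {GW: 1, "192.168.1.20": 1}),
        "different VLAN, same subnet":
            arp_outcome(A, "192.168.1.20", {GW: 1, "192.168.1.20": 2}),
        "different VLAN, different subnet":
            arp_outcome(A, "10.10.10.10", {GW: 1, "10.10.10.10": 2}),
        "A misplaced on VLAN 2, remote destination":
            arp_outcome(A_MISPLACED, "10.10.10.10", {GW: 1}),
    }

if __name__ == "__main__":
    for case, (target, answered) in truth_table().items():
        print(f"{case}: ARP for {target}, reply={'yes' if answered else 'no'}")
```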