Where is src-MAC added into the frame?

m4rtinm4rtin Member Posts: 170
If I send a packet out from the M10i router, where is the source MAC address attached to the frame? In RE? Or in CEFB? Or in PIC?

One could think, that if every Ethernet unit(virtual interface) has unique virtual MAC address generated, then RE is the one, who puts source MAC addresses into the framesicon_rolleyes.gif

Any thoughts?

Comments

  • AldurAldur Juniper Moderator Member Posts: 1,460
    I believe that the MAC src/dst is going to be put in the frame in the CFEB. In the forwarding plane architecture the L2 info is removed on the incoming Bchip as it comes into the router. Then after the route lookup/output interface is preformed on the L3 info, this happens on the Cchip, it is sent to the out going Bchip and the L2 info is reapplied there. So it's at this point that the MAC src/dst address is applied to the packet and then from there it is sent out the exit interface.

    All that the RE should really be doing is giving the info to the CFEB telling it where to send the packet/frame and how to do it.

    Nothing, other then sending the data stream, really happens at the PIC level unless you have an IQ/IQ2 PIC installed.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • m4rtinm4rtin Member Posts: 170
    Aldur wrote: »
    I believe that the MAC src/dst is going to be put in the frame in the CFEB. In the forwarding plane architecture the L2 info is removed on the incoming Bchip as it comes into the router. Then after the route lookup/output interface is preformed on the L3 info, this happens on the Cchip, it is sent to the out going Bchip and the L2 info is reapplied there. So it's at this point that the MAC src/dst address is applied to the packet and then from there it is sent out the exit interface.

    All that the RE should really be doing is giving the info to the CFEB telling it where to send the packet/frame and how to do it.

    Nothing, other then sending the data stream, really happens at the PIC level unless you have an IQ/IQ2 PIC installed.

    ok, I see. You mean CFEB downloads FIB from the RE and then decides based on this information, where to send what?

    However, if MAC address is applied in CFEB, how can one do this:
    start shell sh
    # tcpdump -n -p -i ge-0/2/0
    

    I mean tcpdump is started in RE, isn't it? If yes, then how can it show MAC addresses of packages?icon_rolleyes.gif
  • AldurAldur Juniper Moderator Member Posts: 1,460
    Keep in mind that when you do a TCP **** or the 'monitor traffic interface' command that this is for locally generated or received traffic only.

    With that being said yes a TCP **** is ran by the RE but the RE is getting it's info from the forwarding board. If all that info on the different functions that was obtained from a TCP **** was handled by the RE then the forwarding engine wouldn't be doing anything.

    Think of it in terms of the IP address information, the RE communicates with the forwarding engine, but every time a packet passes through the router it doesn't go up to the RE but passes from the ingress interface to the egress interface with only going thorough the forwarding board, of course with the exception of traffic destined for the RE. The RE will still have a route table for all it's known destinations but this doesn't mean that it's handling the forwarding of every packet.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • m4rtinm4rtin Member Posts: 170
    Aldur wrote: »
    Keep in mind that when you do a TCP **** or the 'monitor traffic interface' command that this is for locally generated or received traffic only.
    Hmm..you mean that tcpdump will only monitor traffic intended to or started from a particular router?
    Aldur wrote: »
    With that being said yes a TCP **** is ran by the RE but the RE is getting it's info from the forwarding board. If all that info on the different functions that was obtained from a TCP **** was handled by the RE then the forwarding engine wouldn't be doing anything.

    Think of it in terms of the IP address information, the RE communicates with the forwarding engine, but every time a packet passes through the router it doesn't go up to the RE but passes from the ingress interface to the egress interface with only going thorough the forwarding board, of course with the exception of traffic destined for the RE. The RE will still have a route table for all it's known destinations but this doesn't mean that it's handling the forwarding of every packet.
    So the traffic moving trough the router is not touched by the RE at all?

    In other words it's impossible to record all the MAC addresses which are going trough a Juniper router if one would like to do this?icon_rolleyes.gif
  • AldurAldur Juniper Moderator Member Posts: 1,460
    m4rtin wrote: »
    Hmm..you mean that tcpdump will only monitor traffic intended to or started from a particular router?

    Yup
    m4rtin wrote: »
    So the traffic moving trough the router is not touched by the RE at all?

    Yup, that's the whole point of having a separate routing plane and forwarding plane.
    m4rtin wrote: »
    In other words it's impossible to record all the MAC addresses which are going trough a Juniper router if one would like to do this?icon_rolleyes.gif

    Oh it's possible, you're just doing it wrong ;)

    What you need to do to take a packet capture of the transit traffic is to use port mirroring.

    Configuring Port Mirroring - JUNOS 9.5 Policy Framework Configuration Guide
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
Sign In or Register to comment.