Frame "filtering" terminology

headshotheadshot Posts: 77Member ■■□□□□□□□□
Todd Lammle describes it as: "If the destination hardware address is known and listed in the database, the frame is only sent out the correct exit interface. This preserves bandwidth on the other network segments and is called frame filtering."

Elsewhere I've heard it described as the switch not forwarding a frame out of the same port it received it on. Like for example say if two devices are connected to a hub which is connected to a switchport. The switch will not forward the frame it receives from one host to another because they are located on the same switchport.

Obviously this is very basic but I would like to have the terminology down and these are two very different instances.

Comments

  • AvocadoAvocado Posts: 15Member ■□□□□□□□□□
    Although I'm new to networking, I think I can answer this.


    Switch
    P1 P2 P3 P4
    | | | |
    | | | |
    | | | |
    Hub Host3 Host4 Host5
    / \
    / \
    / \
    Host1 Host2

    The first sentence you wrote about what Todd had said applies when Host5 is sending out something to other hosts on the network.
    Let's say from Host5 to Host4. Switch knows where Host 4 is connected and will only send out the frame to that one port where Host 4 is connected.


    The 2nd paragraph about a hub is when Host 1 is sending frames to Host 2. Since Switch knows Host 1 and Host 2 is tied together, the switch will not forward the frame it receives from one host to another, because they are located on the same switchport.

    The frame from Host1 would go to the hub. The hub would send it out to the switch and Host 2. The switch will not do anything with it. Host 2 receives the frame from the hub. Frame is delivered.
  • headshotheadshot Posts: 77Member ■■□□□□□□□□
    Avocado wrote: »
    Although I'm new to networking, I think I can answer this.


    Switch
    P1 P2 P3 P4
    | | | |
    | | | |
    | | | |
    Hub Host3 Host4 Host5
    / \
    / \
    / \
    Host1 Host2

    The first sentence you wrote about what Todd had said applies when Host5 is sending out something to other hosts on the network.
    Let's say from Host5 to Host4. Switch knows where Host 4 is connected and will only send out the frame to that one port where Host 4 is connected.


    The 2nd paragraph about a hub is when Host 1 is sending frames to Host 2. Since Switch knows Host 1 and Host 2 is tied together, the switch will not forward the frame it receives from one host to another, because they are located on the same switchport.

    The frame from Host1 would go to the hub. The hub would send it out to the switch and Host 2. The switch will not do anything with it. Host 2 receives the frame from the hub. Frame is delivered.

    Yes I understand both instances but these are two very different things being described by two different sources using the same terminology. I believe latter, not sending out the same port received is considered "frame filtering" but I'm not 100% sure.
  • networker050184networker050184 Posts: 11,962Mod Mod
    What I believe he is referring to is that when a switch learns a MAC it uses only that port for destination traffic. In contrast when a destination MAC is not known the switch floods the traffic out all ports except the port it was received on, which is known as unicast flooding. So once the MAC is learned the switch no longer needs to flood and saves bandwidth.

    I've never heard this referred to as "frame filtering" though.
    An expert is a man who has made all the mistakes which can be made.
  • headshotheadshot Posts: 77Member ■■□□□□□□□□
    I found a nicely worded explanation. Compared with Lammle's book it's two different things the term "filter." A few times Lammle has left me shaking my head. Maybe I'm really **** and picky.

    There are three distinct functions of layer 2 switching: address learning, forward/filter decisions, and loop avoidance.
    Address learning Layer 2 switches and bridges remember the source MAC address of each frame received on an interface, and enter this information into a MAC table called a forward/filter table. Forward/filter decisions When a frame is received on an interface, the switch looks at the destination MAC address and finds the exit interface in the MAC table. The frame is only forwarded out the specified destination port.
    Loop avoidance If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.
    When a switch is first powered on, the MAC table is empty. When a frame is received on a port, the source MAC address is placed in the MAC address table, along with the port ID of the port on which it was received. If the MAC address was already in the table, its associated aging countdown timer is reset (300 seconds by default). Then the MAC address table is searched using the destination MAC address to determine which action to take.
    • Forward If the destination MAC address comes from another port within the switch, then the frame is sent to the identified port for transmission.
    • Flood If the destination MAC address is not in the MAC address table, then the frame needs to be flooded and is sent to all ports except for the port through which it arrived. This action is known as unicast flooding.
    • Filter If the destination MAC address comes from the same port on which it was received, (in another words, source mac address and destination mac address have the same exit port) then there is no need to forward it, and it is discarded.
  • advanex1advanex1 CASP, MCSA 2016, MCSA 2012, CCNA, Security+, Network+, Project+, Server+ Posts: 352Member ■■■■□□□□□□
    Headshot,

    This is correct. I've never heard of it as "frame filtering" as anytime a switch filters a frame, that means (from what I've learned) it's dropping it/discarding it.
    Order of Certifications to come: CISM, C|EH, CISA
    2019 certification tests taken: CISSP (Passed - awaiting endorsement), MCSA: 2016 (Passed), CCNA (Re-certification - Passed)
    Currently Reading: CISM: All-in-One
Sign In or Register to comment.