SVI train of thought help
Hey guys, anyone want to kind of push me in the right direction with the thought process of SVI's? I've been labbing and doing plenty of things with them, but when I really started thinking about how they work I'm going a little fuzzy.
So how about for the example we'll talk about a host in VLAN 20 on a switch. This switch has an SVI for VLAN 20 with ip 192.168.100.1... the host has ip 192.168.100.5... and then from the host we ping 192.168.100.1, and put in motion a basic arp request.
Ok, so thinking about the traffic flow, the host will send out a broadcast with destination mac ffff.ffff.ffff... the switch will receive the frame and see this destination mac, and say "this gets forwarded out all ports in the vlan that I received it from (except for the one on which it was received)." And I know the switch has an internal table of all ports that exist within the vlan.. Ok, feeling good.
I know the SVI for VLAN 20 is added to this table too. But is it added right when the vlan is created? Or only once we give it an IP?
Anyways, now the switch forwards the frame out all interfaces within the vlan, including the SVI (to whom this arp is intended for in the first place). This is where I'm kind of scratching my head. For the regular Fa0/x interfaces, the broadcast is sent/forwarded out, but the SVI can't forward, or send, a broadcast out. Rather, it receives the broadcast, doesn't it? So I guess my question is kind of like, how does the switch hand the SVI a broadcast? Hopefully someone will kind of know what my confusion is.. not sure. I thought layer 2 was so easy until I start really thinking about how these broadcast and multicast frames are processed.. The frustrating part is I know it's so simple and something I'll laugh about later. Anyways, feel like a total noob for posting this, but no shame here!
Currently reading: Internet Routing Architectures by Halabi
Comments
mattau Member Posts: 218
I think you're getting a bit mixed up. The arp is for 192.168.100.1 and it's all FFFF's broadcast, so when svi 20 receives the arp it says "oh I have that ip address that arp is for (192.168.100.1) so I better reply with my mac address" and sends it back to the originator of the arp, which is host B. I am not sure what you mean by svi 20 receiving the broadcast and forwarding it out? Because a broadcast domain is limited by layer 3 devices, and if you needed to arp for someone off your subnet your default gateway would act like a proxy arping person : )
I think that's what you mean? Something like the pic I made? Sorry if it's not the right scenario you mean
_____________________________________
CCNP ROUTE - passed 20/3/12
CCNP SWITCH - passed 25/10/12
CCNP TSHOOT - passed 11/12/12
Forsaken_GA Member Posts: 4,024
MrBrian wrote: »
Ok, so thinking about the traffic flow, the host will send out a broadcast with destination mac ffff.ffff.ffff... the switch will receive the frame and see this destination mac, and say "this gets forwarded out all ports in the vlan that I received it from (except for the one on which it was received)." And I know the switch has an internal table of all ports that exist within the vlan.. Ok, feeling good.
I know the SVI for VLAN 20 is added to this table too. But is it added right when the vlan is created? Or only once we give it an IP?
That depends on which table you're talking about. The cam table? No, the SVI isn't added to that.
Rack7SW1#sh mac address-table vlan 7
Mac Address Table
Vlan Mac Address Type Ports
----
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
7 0023.aba5.b791 DYNAMIC Fa0/15
Total Mac Addresses for this criterion: 21
It is, however, present in the ARP table.
Rack7SW1#sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 187.7.17.7 - 0018.b952.4bc3 ARPA Vlan17
Internet 187.7.17.1 102 0012.4320.12e0 ARPA Vlan17
Internet 187.7.13.7 - 0018.b952.4bc1 ARPA FastEthernet0/18
Internet 187.7.13.9 104 000e.3850.fc80 ARPA FastEthernet0/18
Internet 187.7.7.7 - 0018.b952.4bc2 ARPA Vlan7
The easiest way to understand SVI's is this -
Imagine your host was connected to a switch. Now imagine the switch was connected to a router port. The router port and the host are in the same vlan, so when you ping the router port's IP address, it transits the switch via the Vlan, and responds.
Now collapse the router into the switch, so that while it's one physical box, conceptually, it's two. An SVI is, essentially, an access port that's been assigned to the vlan that connects to a layer 3 port. It just happens to be a logical construct instead of a physical one. The logical access port on the switch side of the box has a logical wire connecting to the logical router port on the router side of the switch (this isn't entirely true, since an SVI is basically a layer 2 and layer 3 port at the same time, which breaks the traditional rules, but I'm trying to impart the concept)
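Added example, not part of the thread: a small Python model of the "router collapsed into the switch" picture from the post above, replaying the VLAN 20 ARP from the original question. The class names, port names and MAC addresses are constructed for illustration, and this is a conceptual sketch, not how any particular switch platform is implemented; as in the output above, the SVI answers ARP without ever appearing as a learned CAM entry.

```python
# Conceptual model only; class names, port names and MACs are constructed.
BROADCAST = "ffff.ffff.ffff"
SVI_MAC, HOST_MAC = "aaaa.aaaa.0020", "bbbb.bbbb.0005"

class Svi:
    """The 'router side': owns an IP and MAC, answers ARP for its own IP."""
    def __init__(self, vlan, ip, mac):
        self.vlan, self.ip, self.mac = vlan, ip, mac

    def receive(self, frame):
        arp = frame.get("arp", {})
        if arp.get("op") == "request" and arp.get("target_ip") == self.ip:
            return {"src": self.mac, "dst": frame["src"],
                    "arp": {"op": "reply", "sender_ip": self.ip,
                            "sender_mac": self.mac}}
        return None  # ARP for some other address: ignore

class Switch:
    def __init__(self):
        self.vlan_ports, self.svis = {}, {}   # vlan -> physical ports / Svi
        self.cam, self.sent = {}, []          # learned MACs / (port, frame) log

    def _forward(self, vlan, frame, exclude=None):
        known = self.cam.get((vlan, frame["dst"]))
        ports = [known] if known else sorted(self.vlan_ports[vlan] - {exclude})
        self.sent += [(p, frame) for p in ports]

    def ingress(self, vlan, port, frame):
        self.cam[(vlan, frame["src"])] = port   # learn from physical ports only
        svi = self.svis.get(vlan)
        if svi and frame["dst"] == svi.mac:      # unicast to the SVI itself
            reply = svi.receive(frame)
        else:
            self._forward(vlan, frame, exclude=port)  # flood, minus ingress port
            # The SVI is one more member of the VLAN, so it gets a copy too.
            reply = svi.receive(frame) if svi and frame["dst"] == BROADCAST else None
        if reply:
            self._forward(vlan, reply)           # reply leaves via the CAM lookup
        return reply

def arp_for(target_ip):
    # Host 192.168.100.5 on Fa0/5 in VLAN 20 sends an ARP request for target_ip.
    sw = Switch()
    sw.vlan_ports[20] = {"Fa0/5", "Fa0/6", "Fa0/7"}
    sw.svis[20] = Svi(20, "192.168.100.1", SVI_MAC)
    req = {"src": HOST_MAC, "dst": BROADCAST, "arp": {
        "op": "request", "sender_ip": "192.168.100.5", "target_ip": target_ip}}
    return sw.ingress(20, "Fa0/5", req), [p for p, _ in sw.sent], sw.cam
```

`arp_for("192.168.100.1")` returns the SVI's reply, the ports frames left on in order (the flood, then the unicast reply), and the CAM contents.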
MrBrian Member Posts: 520
Wow, thanks for the input and diagram, much appreciated. I know that the SVI for vlan 20 will receive the broadcast and see that the arp request is for itself, and respond, yada yada.
I guess the question is more in how the switch "gives" or "sends" the broadcast frame to the SVI internally. On a standard layer 2 switch, the switch will just forward the frames out other interfaces in the vlan. But with an SVI, is the switch simply programmed to give the broadcast to the SVI as well, so it can process it? And yea, you're right, I am definitely a bit mixed up lol. I've got a loop running in my head trying to just get a stronger grasp, or stronger hold on it. I understand it all in my head from a distance, but when I think about how a switch processes broadcasts, and how the switch knows to let the SVI process the broadcast, is just one of those initial mind benders for me.
I think your step 3 from the diagram is where I need more guidance.
Another thought (and I'm sure I can just google this and find what I'm looking for, but I'll ask just because I'm ignorant at the moment lol): When the SVI responds to the arp request, which mac does it use? When a vlan int is created for a vlan, does it just get a mac from a pool, or is the mac derived from its vlan, etc? Thanks
Currently reading: Internet Routing Architectures by Halabi
Forsaken_GA Member Posts: 4,024
MrBrian wrote: »
Another thought (and I'm sure I can just google this and find what I'm looking for, but I'll ask just because I'm ignorant at the moment lol): When the SVI responds to the arp request, which mac does it use? When a vlan int is created for a vlan, does it just get a mac from a pool, or is the mac derived from its vlan, etc? Thanks
That's actually dependent on the platform. Some switches use the same mac for all SVI's, others have uniques (and I honestly have no idea where they pull from). It's largely irrelevant, as the mac is only needed for within that layer 2 domain, and to pass traffic outside of the vlan requires passing outside of the layer 2 domain, thereby making the mac irrelevant, as it will be changed between router hops. The only case where it would matter would be if you were trying to bridge two different vlans together on the same switch, and I qualify that as a stupid router trick.
mattau Member Posts: 218
Oh I see now, I understand what we're looking for. I just accept it for what it is, like what Forsaken said regarding visually trying to understand the inner workings of a switch/router. It is a maze in there and very very complex. From my brief look into how cef and stuff works it's like a whole new world.
The svi responds to the arp with its own mac. I just picture it like the packet going into the switch on whatever interface, then it being channelled up to an internal router (the svi), then the router does the reply back
_____________________________________
CCNP ROUTE - passed 20/3/12
CCNP SWITCH - passed 25/10/12
CCNP TSHOOT - passed 11/12/12
MrBrian Member Posts: 520
Forsaken_GA wrote: »
The easiest way to understand SVI's is this -
Imagine your host was connected to a switch. Now imagine the switch was connected to a router port. The router port and the host are in the same vlan, so when you ping the router port's IP address, it transits the switch via the Vlan, and responds.
Now collapse the router into the switch, so that while it's one physical box, conceptually, it's two. An SVI is, essentially, an access port that's been assigned to the vlan that connects to a layer 3 port. It just happens to be a logical construct instead of a physical one. The logical access port on the switch side of the box has a logical wire connecting to the logical router port on the router side of the switch (this isn't entirely true, since an SVI is basically a layer 2 and layer 3 port at the same time, which breaks the traditional rules, but I'm trying to impart the concept)
Hey thanks for that, makes a lot more sense. I was just kind of mind-f'ing myself there for a moment, ha. I'd say I have pretty good networking fundamentals, but I am fairly new to some of the switch concepts. This helps move my understanding along, awesome.
Also, thanks for the part about which mac address is used. Whenever I'm trying to understand something new, I always want to get right down to the nitty gritty. I think it helps me in the long run, but it can be frustrating at times lol. Thanks again
Currently reading: Internet Routing Architectures by Halabi