Options
Q: Will switch forward unknown frame out different vlan ports?
j4rt02
Member Posts: 29 ■□□□□□□□□□
in CCNA & CCENT
Here is the scenario:
1. Frame enters a switch with destination mac which is not in its mac table.
2. Switch has three 802.1q trunk ports, and three access ports each in a different VLAN.
To which ports will the frame go?
Normally I would think it would go out all ports, but isn't the purpose of a VLAN to contain those frames?
1. Frame enters a switch with destination mac which is not in its mac table.
2. Switch has three 802.1q trunk ports, and three access ports each in a different VLAN.
To which ports will the frame go?
Normally I would think it would go out all ports, but isn't the purpose of a VLAN to contain those frames?
Comments
-
Options
YFZblu
Member Posts: 1,462 ■■■■■■■■□□
The port itself is assigned to a VLAN; therefore the switch will receive the frame, and should tag the frame with the VLAN information and send it out the trunk links - Assuming the local switch does not have any other ports that also belong in that same VLAN. If so, the switch would forward the frame to those ports as well, without the VLAN tag. -
Options
MrBrian
Member Posts: 520
You're right, the switch will only send the frame over the trunk links, and out the ports assigned to the same VLAN.Currently reading: Internet Routing Architectures by Halabi -
Optionsj4rt02
Member Posts: 29 ■□□□□□□□□□
That is what I'm thinking, but this practice question appears to be contradicting:
-
Optionsj4rt02
Member Posts: 29 ■□□□□□□□□□
One of my practice test questions is claiming that it will be sent out ALL trunk AND access ports, regardless of the VLAN associated:When a switch receives a frame, the first thing it will do is determine if the frame's MAC address is already inits MAC table. If it is not, as in this scenario, it will send the frame out on all access ports and any 802.1q trunks with the exception of the port on which it arrived.
In the MAC table shown, there is no listing for the MAC address aaaa.aaaa.aaaa.aaaa. This indicates that the destination is not directly connected to this switch. Therefore, the switch will send the frame to all trunk links, which in this case would be the 802.1q trunks and all access links with the exception of the one on which it arrived, which was not identified in this scenario.
Which leaves me confused. I thought that once it was tagged, it was impossible to go to differently tagged port, excluding the trunk links. -
Optionsm3zilla
Member Posts: 172
That sounds like a basic, "101", type explanation. Perhaps it was it was talking about fundamentals switching logic without diving into vlans?
-
OptionsTehToG
Member Posts: 194
The question specifically mentions that the access ports are on separate vlans. The answer is wrong, How could you use vlans for security if a stray packet can cross the boundries?
-
Optionsj4rt02
Member Posts: 29 ■□□□□□□□□□
At first I thought that they were disregarding VLANs, or ALL the access ports were in the same VLAN, which would make this answer valid. However in the show mac address table output, it clearly says they are in different VLANs.
Can Transcender be trusted?!?! -
Options
lantech
Member Posts: 329
What is Transcenders explanation? I doubt it just says that they go out all ports.2012 Certification Goals
CCENT: 04/16/2012
CCNA: TBD -
Optionsj4rt02
Member Posts: 29 ■□□□□□□□□□
This is their explanation:When a switch receives a frame, the first thing it will do is determine if the frame's MAC address is already inits MAC table. If it is not, as in this scenario, it will send the frame out on all access ports and any 802.1q trunks with the exception of the port on which it arrived.
In the MAC table shown, there is no listing for the MAC address aaaa.aaaa.aaaa.aaaa. This indicates that the destination is not directly connected to this switch. Therefore, the switch will send the frame to all trunk links, which in this case would be the 802.1q trunks and all access links with the exception of the one on which it arrived, which was not identified in this scenario.
You can see the question here: vlanforwardingq.jpg photo by j4rt02 | Photobucket -
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
Can Transcender be trusted?!?!
Yes. It is not uncommon to find errata in training material. -
Optionsjohnifanx98
Member Posts: 329
That is what I'm thinking, but this practice question appears to be contradicting:
Nothing wrong with the answer/explanation. There is only ONE VLAN, the native one. So, all the access ports belong to the same VLAN as the incoming one. -
Optionsj4rt02
Member Posts: 29 ■□□□□□□□□□
So, in the mac table output, what do 11, 55, and 66 mean?
-
Options
Monkerz
Member Posts: 842
This explanation is, could be, telling the student that if a frame received on Fa0/15 (native vlan55) has a destination mac address that is not in the CAM table, it will flood it out all interfaces "in the output" except the one it came in on.
This is a poorly worded answer/explanation, plain and simple.
If I read that question/answer/explanation at a pre-CCENT/CCNA level, I would think a switch acts as a hub when it encounters a destination MAC it doesn't know about. -
OptionsMonkerz
Member Posts: 842
So, in the mac table output, what do 11, 55, and 66 mean?
What John is referring to is the network from the frame's point of view. The frame comes in on an access port (say vlan666), the switch hasn't seen this MAC before (not showing up in vlan666's CAM table) so it will send the frame out all trunks, that vlan666 is allowed over, and native vlan (vlan666) access ports. -
Optionsjohnifanx98
Member Posts: 329
So, in the mac table output, what do 11, 55, and 66 mean?
Bang. I missed that. But unless you know which VLAN port the frame enters from, (B) is still problematic.
