Switches, do they use ARP?

lon21 Member Posts: 201
While I've been reading I'm being told that a switch floods the frame out all ports if the MAC address is not in its table.

Does a switch not use ARP instead of flooding all the ports with the frame?


Thanks

Comments

  • deth1k Member Posts: 312
    lon21 wrote: »
    While I've been reading I'm being told that a switch floods the frame out all ports if the MAC address is not in its table.

    Does a switch not use ARP instead of flooding all the ports with the frame?


    Thanks


    ARP is layer 3, whereas most of the switches are L2.
  • MrXpert Member Posts: 586
    Hubs repeat all the data out of all the ports, excluding the original source.

    Switches do not do this as far as I'm aware. Instead they create a one-to-one connection between computers because they map the port number to the computer's MAC address. How does this work? Well, again as far as I know, when you first turn on a brand new switch it doesn't know any MAC addresses and its CAM table is empty.
    If a computer called "A" (192.168.0.2) wants to communicate with "Computer B" (192.168.0.3), A sends out a broadcast MAC address asking who is 192.168.0.3? All nodes see this ARP packet, including the switch. The switch also takes note of the fact that within the ARP packet is a source and destination MAC. The switch now knows that computer A sent it and what port it's connected to, so it adds the entry to its table. When B responds back with its MAC, then again the switch sees the traffic and adds the entry to its CAM table.

    If computer A already knows B's MAC address (which it has stored in its ARP cache) and sends it to him but the switch doesn't know B, then the switch will send out the packet on all ports (except A). B gets the packet, replies back and the switch adds the entry to its CAM table.

    Switches don't really use ARP, in the sense that they don't send out ARPs, but they do utilise their functions when a PC sends out an ARP.

    All of the above I got from watching CBT Nuggets vids so I hope it's correct.
    I'm an Xpert at nothing apart from remembering useless information that nobody else cares about.
  • danielno8 Member Posts: 34
    Switches with IP interfaces use ARP in the same way any other device uses ARP to communicate. This can be on a L2 switch as the management interface, or a layer 3 switch with IP VLAN interfaces.

    An ARP is broadcast, and so switches do flood it out all ports. Once the device which the ARP is intended to reach sees the ARP, it replies directly to the device which sent the ARP with its MAC address. The original device then sends the traffic (which caused it to send an ARP) directly to the MAC of the responder. It's at this point the switch uses its MAC table to forward the frames out the correct port.
  • lon21 Member Posts: 201
    Thanks,

    In the OSI Model ARP is at Layer 2.

    Therefore, from what you guys have said, the ARP is what is sent/flooded out all ports from inside a switch?
    Once both parties have made a connection the MACs are stored in the switch.

    When a switch needs to find the MAC of one of the devices it's connected to, what broadcast does it send? ARP.
  • deth1k Member Posts: 312
    Source Wiki:

    "Placement of ARP within OSI and TCP/IP network models is inconsistent. Strictly speaking, it belongs to the network layer since it is encapsulated by the link layer protocol, and is required only for the network layer protocol to operate, but not the link layer protocol. However, some sources attribute ARP to the link layer, which is technically incorrect because ARP does not operate the line, nor is it part of line protocol suite."
  • deth1k Member Posts: 312
    danielno8 wrote: »
    Switches with IP interfaces use ARP in the same way any other device uses ARP to communicate. This can be on a L2 switch as the management interface, or a layer 3 switch with IP VLAN interfaces.

    Management interface on layer 2 switch is there for one purpose - managing the device - and will not use ARP, so the above is incorrect. As far as the layer 3 switches go, then yes.
  • danielno8 Member Posts: 34
    deth1k wrote: »
    Management interface on layer 2 switch is there for one purpose - managing the device - and will not use ARP, so the above is incorrect. As far as the layer 3 switches go, then yes.

    Do you want to explain to me how a switch finds out the MAC address of its default gateway? Or how it finds out the MAC of your PC if you are managing it from the same subnet? Or how if I type "show arp" on a switch it lists its ARP cache?
  • deth1k Member Posts: 312
    danielno8 wrote: »
    Do you want to explain to me how a switch finds out the MAC address of its default gateway? Or how it finds out the MAC of your PC if you are managing it from the same subnet? Or how if I type "show arp" on a switch it lists its ARP cache?


    show arp on a layer 2 switch will only show your management IP:

    Sw1>sh arp
    Protocol Address Age (min) Hardware Addr Type Interface
    Internet 192.168.1.1 - 0021.d784.xxxx ARPA Vlan127

    Sw1>
    Sw1>sh ver
    Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(35)SE5, RELEASE SOFTWARE (fc1)
    Copyright (c) 1986-2007 by Cisco Systems, Inc.
    Compiled Thu 19-Jul-07 20:06 by nachen
    Image text-base: 0x00003000, data-base: 0x00D40000

    ROM: Bootstrap program is C2960 boot loader
    BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)SEE1, RELEASE SOFTWARE (fc1)
  • danielno8 Member Posts: 34
    deth1k wrote: »
    show arp on a layer 2 switch will only show your management IP:

    Sw1>sh arp
    Protocol Address Age (min) Hardware Addr Type Interface
    Internet 193.193.126.71 - 0021.d784.1841 ARPA Vlan127

    Sw1>
    Sw1>sh ver
    Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(35)SE5, RELEASE SOFTWARE (fc1)
    Copyright (c) 1986-2007 by Cisco Systems, Inc.
    Compiled Thu 19-Jul-07 20:06 by nachen
    Image text-base: 0x00003000, data-base: 0x00D40000

    ROM: Bootstrap program is C2960 boot loader
    BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)SEE1, RELEASE SOFTWARE (fc1)

    Nope:

    switch-l3-ter-2950-d#show arp
    Protocol Address Age (min) Hardware Addr Type Interface
    Internet 10.59.253.8 - 000f.9074.55c0 ARPA Vlan253
    Internet 10.59.253.1 44 0000.0c07.acfd ARPA Vlan253

    and you also did not answer how you expect a switch to communicate with anything if it does not use ARP to find MAC address.

    Have a google around for more details on how two devices communicate. Beginning with when they are on the same subnet. You will then see why a switch, in the same way as a PC, uses ARP.
  • Forsaken_GA Member Posts: 4,024
    On a managed layer 2 switch, management function and switching functions are separated. The management functions are just like any other node on the network if they want to communicate at anything above layer 2. The switch will make ARP calls for its gateway, or if it's pinging nodes on the same subnet, just like any other layer 3 device.

    None of this information makes its way down into the switching stack. The CAM tables are built solely off gleaning MAC addresses from the wire.

    The same thing applies for layer 3 switches, with the addition that any ports which are specifically set to be routed ports, or any SVIs, will behave exactly as a router would.

    So yes, intelligent switches use ARP, but not for any layer 2 functions. Layer 3 functions and above only. Dumb switches (i.e., that 4 port Dlink you got from Best Buy) do not use ARP at all. They make no requests, respond to no requests, and treat any requests/responses that flow across them as they would any other layer 2 frame - by looking at an association in the CAM table.

    A lot of folks seem to have trouble with the concept that intelligent switches function on a few different levels. I don't know why the concepts of control plane and data plane are so hard to grasp. This is why I get to have fun discussions every single time someone decides to revive the 'do switches limit broadcast domains' question.
  • deth1k Member Posts: 312
    danielno8 wrote: »
    Nope:

    switch-l3-ter-2950-d#show arp
    Protocol Address Age (min) Hardware Addr Type Interface
    Internet 10.59.253.8 - 000f.9074.55c0 ARPA Vlan253
    Internet 10.59.253.1 44 0000.0c07.acfd ARPA Vlan253

    and you also did not answer how you expect a switch to communicate with anything if it does not use ARP to find MAC address.

    Have a google around for more details on how two devices communicate. Beginning with when they are on the same subnet. You will then see why a switch, in the same way as a PC, uses ARP.

    ========================================================

    As far as management vlan goes, yes, switch will arp for default gateway if there is one set or communicate (telnet, ssh, ping or web) to hosts on that vlan. However it will not use arp for any other vlan as you can't assign more than one IP address range to L2 switch. You wouldn't assign any hosts to management vlan either (on a local switch). So as far as two hosts communicating on the same switch, it doesn't care about ARP.
  • danielno8 Member Posts: 34
    deth1k wrote: »
    ========================================================

    As far as management vlan goes, yes, switch will arp for default gateway if there is one set or communicate (telnet, ssh, ping or web) to hosts on that vlan. However it will not use arp for any other vlan as you can't assign more than one IP address range to L2 switch. You wouldn't assign any hosts to management vlan either (on a local switch). So as far as two hosts communicating on the same switch, it doesn't care about ARP.

    Yes, you have finally understood what I was saying.

    Oh, and if you find yourself with routing issues you may well have to get your laptop connected to the management VLAN to get access to your devices.
  • deth1k Member Posts: 312
    I wouldn't have to connect to any of the switches if there were any routing issues, unless those are L3 switches
  • danielno8 Member Posts: 34
    lon21 wrote: »
    Hi Thanks for your response, when you say it floods, which protocol is it using? Or how does it flood, I guess it does not use broadcasts or multicasts as this is a layer 3 feature.

    Thanks

    Flood just means it forwards the frame it received out all ports (except the one it received the frame on).
  • lon21 Member Posts: 201
    danielno8 wrote: »
    Flood just means it forwards the frame it received out all ports (except the one it received the frame on).

    Excellent,

    Thanks
  • danielno8 Member Posts: 34
    deth1k wrote: »
    I wouldn't have to connect to any of the switches if there were any routing issues, unless those are L3 switches

    True
  • Forsaken_GA Member Posts: 4,024
    deth1k wrote: »
    ========================================================

    As far as management vlan goes, yes, switch will arp for default gateway if there is one set or communicate (telnet, ssh, ping or web) to hosts on that vlan. However it will not use arp for any other vlan as you can't assign more than one IP address range to L2 switch. You wouldn't assign any hosts to management vlan either (on a local switch). So as far as two hosts communicating on the same switch, it doesn't care about ARP.

    Be very, very careful with those last statements. An isolated Management VLAN is a concept, not a cold hard fact of life. You could quite easily put the same Management vlan in a vlan full of hosts (and many newcomers do just that because they don't understand why you need to restrict access to your switch's management functions). The switch doesn't care if the Management VLAN is isolated or not. If you left everything in VLAN one, it would happily operate, and it would use ARP just like an end node too.

    And why wouldn't I assign any hosts to the management vlan? Of course I will, at least one, probably two for redundancy. What's the point of having a management vlan if I'm not going to have any devices to manage it? I'm sure as hell not going to have global routes to the management vlan.
  • danielno8 Member Posts: 34
    Forsaken_GA wrote: »
    Be very, very careful with those last statements. An isolated Management VLAN is a concept, not a cold hard fact of life. You could quite easily put the same Management vlan in a vlan full of hosts (and many newcomers do just that because they don't understand why you need to restrict access to your switch's management functions). The switch doesn't care if the Management VLAN is isolated or not. If you left everything in VLAN one, it would happily operate, and it would use ARP just like an end node too.

    And why wouldn't I assign any hosts to the management vlan? Of course I will, at least one, probably two for redundancy. What's the point of having a management vlan if I'm not going to have any devices to manage it? I'm sure as hell not going to have global routes to the management vlan.

    How do you avoid this, when the management VLAN is just another VLAN on the same core switch(es) holding the rest of your production VLANs?
  • Forsaken_GA Member Posts: 4,024
    danielno8 wrote: »
    How do you avoid this, when the management VLAN is just another VLAN on the same core switch(es) holding the rest of your production VLANs?

    Depends on your network. In a simple network, I just have a dual homed box with an interface in the management vlan.

    In a more complicated network, creative use of PBR and ACLs, or firewalls.

    My end goal is that there are only a few entry points into the management network, designated at the chokepoints I design in. Which are usually a pair of heavily firewalled OpenBSD boxes with dual interfaces, and maybe a couple more devices for out of band access.

    It's simple to prevent the route from propagating, just don't announce the network in your routing protocol. The route that the connected interface puts in the routing table is where the pain comes in, as folks can still reach it via the default route if they know its IP space. Which is why I PBR it to null0 where I can, and drop it by ACL where I can't.
  • dtwiss0207 Registered Users Posts: 3
    I was stuck on a practice exam question that I was hoping someone could help me out with. I keep going over the question but can't seem to put it together. Below is the question with the available answers.

    Assume that the switch has a factory default configuration and has just been powered on.
    Host A pings Host B successfully. Which of the following are true?
    Select 5

    A. If Host A pings host C, 1 new MAC table entry will be built.
    B. If Host B pings host C, 1 new MAC table entry will be built.
    C. If Host A pings host B, 1 new MAC table entry will be built.
    D. If Host B pings host D, 2 new MAC table entries will be built.
    E. If Host C pings host A, 1 new MAC table entry will be built.
    F. If Host C pings host D, 2 new MAC table entries will be built.
    G. If Host D pings host A, 1 new MAC table entry will be built.
    H. If Host A pings host B, 2 new MAC table entries will be built
  • fsanyee Member Posts: 171
    1 When the switch gets the ping from host A, it learns A's MAC address and floods the frame. 2 When B replies to the ping, the switch learns B's MAC address. H
  • georgemc Member Posts: 429
    dtwiss0207 wrote: »
    I was stuck on a practice exam question that I was hoping someone could help me out with. I keep going over the question but can't seem to put it together. Below is the question with the available answers.

    Assume that the switch has a factory default configuration and has just been powered on.
    Host A pings Host B successfully. Which of the following are true?
    Select 5

    A. If Host A pings host C, 1 new MAC table entry will be built.
    B. If Host B pings host C, 1 new MAC table entry will be built.
    C. If Host A pings host B, 1 new MAC table entry will be built.
    D. If Host B pings host D, 2 new MAC table entries will be built.
    E. If Host C pings host A, 1 new MAC table entry will be built.
    F. If Host C pings host D, 2 new MAC table entries will be built.
    G. If Host D pings host A, 1 new MAC table entry will be built.
    H. If Host A pings host B, 2 new MAC table entries will be built

    CORRECT ANSWERS
    A. the switch already knows about A so only has to add C (1 new entry)
    B. the switch already knows about B so only has to add C (1 new entry)
    E. the switch already knows about A so only has to add C (1 new entry)
    F. the switch doesn't know about C or D, so needs to add both (2 new entries)
    G. the switch already knows about A so only has to add D (1 new entry)


    INCORRECT ANSWERS
    C. the switch already knows about A and B (no new entries)
    D. the switch already knows about B so only has to add D (1 new entry)
    H. the switch already knows about A and B (no new entries)
    WGU BS: Business - Information Technology Management
    Start Date: 01 October 2012
    QFT1,PFIT in progress.
    TRANSFERRED/COMPLETED: AGC1,BBC1,LAE1,QBT1,LUT1,QLC1,QMC1,QLT1,IWC1,INC1,INT1,BVC1,CLC1,MGC1, CWV1 BNC1, LIT1,LWC1,QAT1,WFV1,EST1,EGC1,EGT1,IWT1,MKC1,MKT1,RWT1,FNT1,FNC1, BDC1,TPV1 REQUIRED:
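
An added example, not part of georgemc's post or of the thread: a minimal Python model of the behaviour discussed above, where the CAM table is built only from source MACs seen on the wire and broadcast or unknown destinations are flooded, applied to the exam question. The host MACs, port numbers and function names are constructed for illustration.

```python
# Added example (not from the thread). MACs, ports and helper names are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed topology: host name -> (MAC address, switch port)
HOSTS = {
    "A": ("00:00:00:00:00:0a", 1),
    "B": ("00:00:00:00:00:0b", 2),
    "C": ("00:00:00:00:00:0c", 3),
    "D": ("00:00:00:00:00:0d", 4),
}


class LearningSwitch:
    """Layer 2 data plane only: it never parses ARP or IP, just Ethernet addresses."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.cam = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Learn the source MAC, then return the set of ports the frame leaves on."""
        self.cam[src] = in_port
        if dst != BROADCAST and dst in self.cam:
            return {self.cam[dst]} - {in_port}  # known unicast: one port
        return self.ports - {in_port}           # broadcast or unknown unicast: flood


def ping(sw, src, dst, arp_cached=False):
    """Push the frames of one successful ping through sw; return (frame, egress ports) pairs."""
    s_mac, s_port = HOSTS[src]
    d_mac, d_port = HOSTS[dst]
    trace = []
    if not arp_cached:  # the hosts, not the switch, generate the ARP exchange
        trace.append(("arp-request", sw.receive(s_port, s_mac, BROADCAST)))
        trace.append(("arp-reply", sw.receive(d_port, d_mac, s_mac)))
    trace.append(("echo-request", sw.receive(s_port, s_mac, d_mac)))
    trace.append(("echo-reply", sw.receive(d_port, d_mac, s_mac)))
    return trace


def new_entries(src, dst):
    """CAM entries added when src pings dst on a switch that has already seen A ping B."""
    sw = LearningSwitch(range(1, 5))
    ping(sw, "A", "B")
    before = len(sw.cam)
    ping(sw, src, dst)
    return len(sw.cam) - before


if __name__ == "__main__":
    pairs = ["AC", "BC", "AB", "BD", "CA", "CD", "DA"]
    for option, (src, dst) in zip("ABCDEFG", pairs):
        print(option, src, "->", dst, "new entries:", new_entries(src, dst))
```

Calling `ping(..., arp_cached=True)` on a fresh switch reproduces the unknown-unicast case from earlier in the thread: the echo request is flooded, and only the reply is forwarded out a single port.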
  • dtwiss0207 Registered Users Posts: 3
    georgemc wrote: »
    CORRECT ANSWERS
    A. the switch already knows about A so only has to add C (1 new entry)
    B. the switch already knows about B so only has to add C (1 new entry)
    E. the switch already knows about A so only has to add C (1 new entry)
    F. the switch doesn't know about C or D, so needs to add both (2 new entries)
    G. the switch already knows about A so only has to add D (1 new entry)


    INCORRECT ANSWERS
    C. the switch already knows about A and B (no new entries)
    D. the switch already knows about B so only has to add D (1 new entry)
    H. the switch already knows about A and B (no new entries)

    Thank you so much. I appreciate the help. I can see it now I was just getting frustrated because I've been over it so many times.