Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
51520
Views
71
Helpful
9
Replies

Mac-address table in IOS Routers

Go to solution
snarayanaraju
Level 4
Level 4

‎07-22-2014 12:45 PM - last edited on ‎11-15-2022 02:12 AM by Community Manager

Hey All - Perhaps this ask may sound insane. But I am very curious to get the answer.

 

Does Cisco Router maintain a MAC Address table like Switch?. In all my production routers I am seeing the MAC address table empty though IP ARP table is populated with IP->ARP mapping.

rtr1-arabon#show mac-address-table
rtr1-arabon#




 rtr1-arabon#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  10.15.20.1          187   0050.56af.5996  ARPA   Port-channel1.20
Internet  10.15.20.2            -      0000.0c07.ac00  ARPA   Port-channel1.20
rtr1-arabon#sh ip int brief


Port-channel1.20            10.15.203.124  YES NVRAM  up                    up
 


regards / SAIRAM

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎07-22-2014 01:44 PM - last edited on ‎11-15-2022 02:18 AM by Community Manager

Hello Sairam,

Routers do not normally maintain MAC address tables. Please do not confuse MAC address table and an ARP table. MAC address table maps MAC addresses to switchports where the owners of individual MAC addresses are attached. ARP table maps IP addresses of directly attached neighbors to their MAC addresses. Note that MAC address table and ARP table have nothing in common, and you do not  need to maintain one to populate the other.

On a router, you may find that the

show mac address-table

command is supported. This command would display a non-empty output if your router had a switching module installed, such as HWIC-4ESW or similar, because in that case, the router also has a switching hardware and behaves both as a router and as a switch. If there was a switching module installed into the router, the

show mac address-table

would show you the MAC addresses learned on individual ports of the switching module. On a router without a switching module, this command displays nothing.

Best regards,
Peter

View solution in original post

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to snarayanaraju

‎07-22-2014 02:16 PM

Hi Sairam,

With that said, if I have a Metro Ethernet Link connected to one of the GE Routed Port (GE0/1), how does the router reaches the other end peer router. I thought the router will learn the MAC Address of the remote end router and populate that in the MAC address table.

The gi0/1 interface on your router is a routed interface. That means that whatever is going to be sent out that interface is primarily determined by routing, not by switching. The routing table is the key answer here - it is exactly the routing table that will say: "With this packet, you need to send it out the gi0/1 interface". Then, and only then, the router will try to forward the packet out the gi0/1 interface. If the routing table does not point out the gi0/1 interface, no packets are going to be sent out that interface.

Keep in mind that our gi0/1 interface is assigned an IP address in some IP subnet. When your router needs to send a packet to someone else in the same subnet, it will first do a lookup in the ARP table to see if the IP/MAC mapping is already there. If it is, it will just use it. If it isn't, it will broadcast an ARP request and wait for the reply.

The same process would happen if the destination was reachable via an IP next hop address that belongs to the IP subnet of gi0/1 - that next hop address would be looked up in the ARP table, and if it is not there, the router would need to send an ARP request.

But I am able to ping the Remote end Router connected to GE0/1, though there is no MAC address entry in the MAC address table (of course the MAC address of the remote router is in the ARP table)

Yes. That is because when you ping the other end, you ping a host that is in the same IP network as your gi0/1 interface. That is the impulse for your router to send the packet out gi0/1, populating the ARP table in the process.

How to troubleshoot in Layer 2 perspective if the Remote end router is not reachable?

On a routed interface, your options are extremely limited. Neither the routing table nor the ARP table is populated based solely on an IP packet received from the other end. To populate an ARP table, you absolutely need to have an ARP conversation with the other router, and if the other router does not respond to ARP, there is no way of you learning its IP/MAC mapping automatically.

Usually, when I cannot ping the other end router, I at least have a look into the ARP table whether the remote router's MAC address has been discovered via ARP. If not, the IP communication principially cannot work, so I do not even try using IP-based troubleshooting tools. In that case, I need to find out if the remote router is attached, up and running. CDP can be very helpful here.

If the ARP table is populated but the router does not respond to, say, pings then it is often a matter of ACLs or routing. Sometimes I have seen situations when the netmask of the local and remote router was mismatched, one of them was more specific, and the routing protocol advertised both the less and the more specific routes, and the path toward the more specific route went around the entire topology, possibly hitting some stateful firewalls. That was quite nasty to debug wink

Please feel welcome to ask further!

Best regards,
Peter

 

View solution in original post

9 Replies 9

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎07-22-2014 01:44 PM - last edited on ‎11-15-2022 02:18 AM by Community Manager

Hello Sairam,

Routers do not normally maintain MAC address tables. Please do not confuse MAC address table and an ARP table. MAC address table maps MAC addresses to switchports where the owners of individual MAC addresses are attached. ARP table maps IP addresses of directly attached neighbors to their MAC addresses. Note that MAC address table and ARP table have nothing in common, and you do not  need to maintain one to populate the other.

On a router, you may find that the

show mac address-table

command is supported. This command would display a non-empty output if your router had a switching module installed, such as HWIC-4ESW or similar, because in that case, the router also has a switching hardware and behaves both as a router and as a switch. If there was a switching module installed into the router, the

show mac address-table

would show you the MAC addresses learned on individual ports of the switching module. On a router without a switching module, this command displays nothing.

Best regards,
Peter

Go to solution
snarayanaraju
Level 4
Level 4
In response to Peter Paluch

‎07-22-2014 01:58 PM

Hello Peter - Thank you for reply.

I am exactly seeing what you described. My router is installed with HWIC-4ESW card and the MAC Address table (show mac-address-table) shows the devices MAC address connected to these 4 ports only. I am not seeing the MAC address of the devices connected to any of the other routed ports like GE0/0, GE0/1.

 

With that said, if I have a Metro Ethernet Link connected to one of the GE Routed Port (GE0/1), how does the router reaches the other end peer router. I thought the router will learn the MAC Address of the remote end router and populate that in the MAC address table.

But I am able to ping the Remote end Router connected to GE0/1, though there is no MAC address entry in the MAC address table (of course the MAC address of the remote router is in the ARP table)

How to troubleshoot in Layer 2 perspective if the Remote end router is not reachable?

 

Thanks / SAIRAM

 

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to snarayanaraju

‎07-22-2014 02:16 PM

Hi Sairam,

With that said, if I have a Metro Ethernet Link connected to one of the GE Routed Port (GE0/1), how does the router reaches the other end peer router. I thought the router will learn the MAC Address of the remote end router and populate that in the MAC address table.

The gi0/1 interface on your router is a routed interface. That means that whatever is going to be sent out that interface is primarily determined by routing, not by switching. The routing table is the key answer here - it is exactly the routing table that will say: "With this packet, you need to send it out the gi0/1 interface". Then, and only then, the router will try to forward the packet out the gi0/1 interface. If the routing table does not point out the gi0/1 interface, no packets are going to be sent out that interface.

Keep in mind that our gi0/1 interface is assigned an IP address in some IP subnet. When your router needs to send a packet to someone else in the same subnet, it will first do a lookup in the ARP table to see if the IP/MAC mapping is already there. If it is, it will just use it. If it isn't, it will broadcast an ARP request and wait for the reply.

The same process would happen if the destination was reachable via an IP next hop address that belongs to the IP subnet of gi0/1 - that next hop address would be looked up in the ARP table, and if it is not there, the router would need to send an ARP request.

But I am able to ping the Remote end Router connected to GE0/1, though there is no MAC address entry in the MAC address table (of course the MAC address of the remote router is in the ARP table)

Yes. That is because when you ping the other end, you ping a host that is in the same IP network as your gi0/1 interface. That is the impulse for your router to send the packet out gi0/1, populating the ARP table in the process.

How to troubleshoot in Layer 2 perspective if the Remote end router is not reachable?

On a routed interface, your options are extremely limited. Neither the routing table nor the ARP table is populated based solely on an IP packet received from the other end. To populate an ARP table, you absolutely need to have an ARP conversation with the other router, and if the other router does not respond to ARP, there is no way of you learning its IP/MAC mapping automatically.

Usually, when I cannot ping the other end router, I at least have a look into the ARP table whether the remote router's MAC address has been discovered via ARP. If not, the IP communication principially cannot work, so I do not even try using IP-based troubleshooting tools. In that case, I need to find out if the remote router is attached, up and running. CDP can be very helpful here.

If the ARP table is populated but the router does not respond to, say, pings then it is often a matter of ACLs or routing. Sometimes I have seen situations when the netmask of the local and remote router was mismatched, one of them was more specific, and the routing protocol advertised both the less and the more specific routes, and the path toward the more specific route went around the entire topology, possibly hitting some stateful firewalls. That was quite nasty to debug wink

Please feel welcome to ask further!

Best regards,
Peter

 

Go to solution
snarayanaraju
Level 4
Level 4
In response to Peter Paluch

‎07-22-2014 02:33 PM

Hi Peter - Awesome explanation. Thanks. Though we guys work on high-end stuffs many time get confused or miss to note the fundamentals.  It was very useful.

 

SAIRAM

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to snarayanaraju

‎07-22-2014 02:37 PM

Hi Sairam,

You are very much welcome. It has been a pleasure. Thank you for all the ratings!

Best regards,
Peter

 

0 Helpful

Go to solution
Iluvnetwork
Level 1
Level 1
In response to Peter Paluch

‎11-30-2017 12:58 AM

Thank you very much :)
0 Helpful

Go to solution
NetWorkMonster
Level 1
Level 1
In response to Peter Paluch

‎07-25-2020 05:34 AM

Thanks for explanation cause it's so clear and gratifull

0 Helpful

Go to solution
adattola
Level 1
Level 1
In response to Peter Paluch

‎02-27-2023 01:21 PM

The MAC address display for the EHWIC-4ESG is sh mac-address-table (Note: there's a dash between mac & address)

0 Helpful

Go to solution
raf-jablonsky
Level 1
Level 1
In response to Peter Paluch

‎05-21-2024 03:03 AM

this is a great explanation, as I was confused with this basic concepts of MAC and ARP tables, between routers and switches. Thank you for this post! 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card