Does switch send arp message ?

satyaz · ‎02-24-2018

I'm currently learning networking since last month. In the book (ccna 200-125 official cert) said that if the switch doesn't know destination mac address of a frame, it will flood all of its ports except the port which the data coming from.

If i may, i have two question,

1. Switch flood its port with the broadcast 255.255.255.255 or just simply flood the frame without broadcast address because its in the L2?

2. Why don't the switch just send the arp message to retrieve the frame mac address destination ?

I'm sorry if the questions sounds silly and very basic, i'ts my first time learning networking. Every answer from you will be my enlighment. Thank you.

Richard Burts · ‎02-24-2018

1) the switch does not change the destination mac address to broadcast. It simply forwards a copy of the original frame to each port in that vlan (except for the port on which the frame was received)

2) to answer this question we should start by remembering the difference between layer 3 forwarding and layer 2 forwarding. Layer 3 forwarding can be done by routers and by switches if ip routing is enabled. In layer 3 forwarding you look at the destination IP address and decide to which interface and to which next hop you should send it and that decision may include doing an arp request to determine the destination mac address. Layer 2 forwarding is done by traditional switches and by more modern switches if ip routing is not enabled. In layer 2 forwarding the switch deals only with layer 2 information. Since an IP address is layer 3 the switch can not consider the destination IP and therefore can not use arp to determine the destination mac address.

HTH

Rick

HTH

Rick

Richard Burts · ‎02-24-2018

I thought that the question had a simple answer that would be adequate and I gave it. But I also think that the question can be answered in a different way and will provide that answer also. The answer is that the mac address table and the arp table are similar in that they both are tables that contain mac addresses. But they are different in how they are used and in how they are built.

The mac address table shows the relationship between mac address and the interface on which it is located. The mac address table is built by observing traffic as it comes through the switch. For every frame that comes into the switch the switch looks at the source mac address and evaluates whether it already know the mac and interface for this one or whether it should create/update an entry with new information.

The arp table shows the relationship between mac address and IP address. It is built by sending arp requests and receiving arp responses.

With that understanding we can now see that if a frame arrives at the switch for layer 2 forwarding and the switch does not find the destination mac address in the mac address table that it would not use arp because arp does not update the mac address table.

HTH

Rick

HTH

Rick

atomdstyle · ‎10-25-2021

Just adding in my observation(I am very new to N/w and in learning phase). A switch is a sort of intermediate device, right. Either it receives frame to some other node/ send it to some node. So it should be the responsibility of the sending node to have some destination mac address filled in Ethernet frame right?(Either a broadcast address or some specific mac address). What I could infer from @Richard Burts answer(Thanks for the detailed explanation!) is that switch only needs to infer to which port it needs to forward the frame. For this it would use the mac address table(different from ARP table). If a suitable entry is not found, it simply forwards in all other ports except the port it received from. So yes either the ways, a suitable destination MAC address should be there right?

Joseph W. Doherty · ‎10-25-2021

"So yes either the ways, a suitable destination MAC address should be there right?"

Normally, yes/correct, although it's possible there is no destination host, at least on-line (and within the same "LAN") with that MAC.

In fact, normally, one host sending to another will start with a host name or host IP, which it will use to obtain a MAC for its own ARP table. Acquiring the other host's MAC (via ARP) will generally also populate any transit (L2) switches' MAC table, but not their own ARP table.

"If a suitable entry is not found, it simply forwards in all other ports except the port it received from."

BTW, "other ports" only include those within the same L2 broadcast domain. I.e. many smart/enhanced switches support VLANs, so its possible not ALL other ports will be included in a "flood" (unknown port to send on) situation.

Richard Burts · ‎10-25-2021

I do not fully understand the comments by @atomdstyle but let me offer these comments in hope that they would be helpful. We need to distinguish whether the switch is configured to do layer 2 forwarding (both source and destination devices are in the same subnet) or to do layer 3 forwarding (source device is in one subnet and destination device is in a different subnet).

If the switch is doing layer 2 forwarding then the source mac address and the destination mac address of the frame remain the same as the switch forwards the frame. The switch uses the destination mac address to make its forwarding decision and looks in its mac address table to see if it knows where the destination mac address is located. If the destination mac address is in the mac address table then the switch simply forwards the frame out the single interface that goes to the destination. If the destination mac address is not in the mac address table then the switch forwards the frame out every interface in that vlan, except for the interface on which it received the frame.

If the switch is doing layer 3 forwarding then the behavior can be different. The switch would receive a frame to be forwarded and first checks the source and destination IP addresses. If the source IP address and the destination IP address are in the same subnet then the switch simply uses its layer 2 forwarding logic which I just described. If the destination IP address is in a different subnet than the source IP address then the switch uses its layer 3 logic. It looks in its routing table to determine where the destination subnet is located and what is the next hop to reach that subnet. In forwarding the packet to the next hop the switch would change the source and destination mac address. The new source mac address would be the mac of the switch interface and the destination mac address would be the mac address of the next hop device.

HTH

Rick

Joseph W. Doherty · ‎10-26-2021

Just to add a bit to Rick's explanation on L3 forwarding.

It's possible when forwarding/routing to the destination network it's directly connected to the L3 switch, i.e. there's no "next hop". The destination MAC would be the destination host's MAC. (Source MAC is a Rick describes, and to be clear, the switch interface would be the L3 interface the L3 uses to connect to next hop or destination network.)

Interestingly, in both the cases of the "next hop" or destination host network directly connected, the L3 switch still needs a destination MAC, which it may, or may not have (even if at its L2 level it has a destination MAC in its MAC table). If it does not have the destination IP in its own ARP table, it will ARP for it. (BTW, although smart/enhanced/managable L2 switches have ARP caches, they often don't use them much, but L3 switches may, and often, use their ARP caches extensively.)