cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
209854
Views
56
Helpful
7
Replies

show arp vs show mac-address-table

Kyujin Choi
Level 1
Level 1

show arp vs show mac-address-table

I am using GNS3. For switch, I am attaching switch 16 module for simulation.

For my router and switch (router with switch module on it) both works commands "show arp" and "show mac-address-table".

From router, "show arp" shows all output, but when I use "show mac-address-table" it doesn't show any output. The below is output.

R2#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  1.1.1.1                23   0000.0000.0001  ARPA   FastEthernet0/0
Internet  1.1.1.2                 -   0000.0000.0002  ARPA   FastEthernet0/0
R2#show mac
R2#show mac-address-table

R2#

From switch, show mac-address-table shows all output, but "show arp"

SW1#show  arp

SW1#show mac
SW1#show mac-address-table
Destination Address  Address Type  VLAN  Destination Port
-------------------  ------------  ----  --------------------
cc0e.05a0.0000          Self          1     Vlan1
0000.0000.0002          Dynamic       1     FastEthernet1/2

Question) So, when I do "show ?" i can see both "arp" and "mac-address-table" supported from both router and switch. But I can't see mac-address-table from router and arp table from switch. What is wrong with this? Is it because of GNS3?

Thanks for your knowledge and time.

2 Accepted Solutions

Accepted Solutions

Edison Ortiz
Hall of Fame
Hall of Fame

The ARP table is only populated on Layer3 devices and the router is performing its resolution against interface F0/0 (assuming that's SW1).

The router won't have the MAC-Address information from the switch because its interface is running Layer3 instead of Layer2.

As for the switch, it's only running Layer2 so it is unable to do any ARP on the incoming traffic and it populates its MAC-Address table because its interfaces are configured as L2 ports.

Regards,

Edison.

View solution in original post

Richard Burts
Hall of Fame
Hall of Fame

No it is not because of GNS3.

To answer this let us start by understanding the 2 things (ARP table, and MAC address table) and how they are used and how they are different. The ARP table is the result of layer 3 activity and is built as layer 3 interfaces look for and find the MAC address associated with an IP address. The MAC address table is the result of layer 2 activity and is built as layer 2 interfaces receive a frame and discover the source MAC address of the frame.

So the MAC address table is the result of switching activity and the ARP table is the result of routing activity.

If your router has a switch module then the switch module will build a MAC address table. But you may not be able to see the switch mac address table from the router command line. It may be that you need to session to the switch to see its mac address table.

The switch will certainly have a mac address table and it may have an ARP table. Remembering that the ARP table is the result of routing activity we can understand that if you have used the management interface of the switch to access network resources within its own subnet (ping in its own subnet is a good example) there there would be entries in the ARP table of the switch. If there are no ARP entries on the switch then it is a sign that the switch management interface has not been used to access other IP addresses.

HTH

Rick

HTH

Rick

View solution in original post

7 Replies 7

Edison Ortiz
Hall of Fame
Hall of Fame

The ARP table is only populated on Layer3 devices and the router is performing its resolution against interface F0/0 (assuming that's SW1).

The router won't have the MAC-Address information from the switch because its interface is running Layer3 instead of Layer2.

As for the switch, it's only running Layer2 so it is unable to do any ARP on the incoming traffic and it populates its MAC-Address table because its interfaces are configured as L2 ports.

Regards,

Edison.

Edison

I do not agree with you that a layer 2 switch can not do ARP table. As I explained in my post the layer 2 switch will use ARP, but only for traffic originated from its management interface. The ARP table on a layer 2 switch is usually very small, if not empty, but it is possible for the switch to use ARP and to build an ARP table. (after all the VLAN interface that is the management interface is a layer 3 interface and as such will use ARP)

HTH

Rick

HTH

Rick

Rick,

I'm talking on this specific case. I know the ARP table would be populated if you had a management interface on the switch for traffic directed to that management interface but it won't contain the ARP table for its directed connected hosts. The router on that segment will have that information.

Edison

You and I are mostly in agreement - the ARP table on a layer 2 switch is not a good way to find what is connected to the switch, and the best thing for determining what is connected to the switch are the addresses in the mac-address-table.

But I am  concerned that your statement "As for the switch, it's only running Layer2 so it is unable to do any ARP" will give an incorrect understanding to some readers. This is probably a manifestation of my reputation for being concerned about details and about the subtleties of how we describe things - but that is who I am, and after years of teaching Cisco classes I am concerned about accuracy in how we describe things.

HTH

Rick

HTH

Rick

Richard Burts
Hall of Fame
Hall of Fame

No it is not because of GNS3.

To answer this let us start by understanding the 2 things (ARP table, and MAC address table) and how they are used and how they are different. The ARP table is the result of layer 3 activity and is built as layer 3 interfaces look for and find the MAC address associated with an IP address. The MAC address table is the result of layer 2 activity and is built as layer 2 interfaces receive a frame and discover the source MAC address of the frame.

So the MAC address table is the result of switching activity and the ARP table is the result of routing activity.

If your router has a switch module then the switch module will build a MAC address table. But you may not be able to see the switch mac address table from the router command line. It may be that you need to session to the switch to see its mac address table.

The switch will certainly have a mac address table and it may have an ARP table. Remembering that the ARP table is the result of routing activity we can understand that if you have used the management interface of the switch to access network resources within its own subnet (ping in its own subnet is a good example) there there would be entries in the ARP table of the switch. If there are no ARP entries on the switch then it is a sign that the switch management interface has not been used to access other IP addresses.

HTH

Rick

HTH

Rick

thanks for your reply. I just added switch default gateway and ip. now I understand ARP on switch.

I am glad that you got it working and understand ARP now and that our responses were helpful. Thank you for marking the question as solved (and thanks for the points). It makes the forum more useful when people can read a question and can know that they will also read responses which provided answers to the question. Your marking will make this clear to readers of this thread.

HTH

Rick

HTH

Rick