Answer to Question: Destination MAC Only?

certskills
By certskills December 14, 2016 12:05

The previous post posed a question that appeared straightforward – but one that set up a couple of the more common mistakes that people make with the subject of Layer 2 frame forwarding.  The goal was twofold: yet another practice question, but also to give you a reason to check out the  “CCENT ICND1 100-105 Exam Prep LiveLessons” product in case you wanted more background info. This post details the answers, focusing on the trickier answers.

First – the Literal Answers

A, D

That is, a frame sent by PC2 to PC4’s MAC address (0200.4444.4444) will be forwarded out SW3’s ports F0/1 and G0/1, but not the other ports. Here’s a copy of the figure for reference, and a copy of the exhibit.

Figure for This Question

 

 

Example 1: Command Output

 

Analysis: Forwarding in VLAN 2

One key to answering this question is to determine which VLAN the switch considers the frame to be in when processing the frame. Reducing the facts:

  • The question stem states: frame is sent by PC2
  • The Figure shows PC2 off switch SW3’s port F0/2
  • The stem states that all ports connected to PCs are access ports
  • The exhibit shows port F0/2 as an access port in VLAN 2

So, switch SW3 processes the frame as part of VLAN 2.

 

Ruling Out Two Incorrect Answers

Next consider the incorrect answer about port F0/2. Will a switch receive a frame in one access interface (F0/2) and send it back out that same access interface? No. Simple enough.

Next, consider the answer for interface F0/3. Why wouldn’t the switch forward the frame out F0/3? That port appears to be up and working, and SW3 needs to flood the frame as it turns out.

The reason is simple: the port is not part of VLAN 2, but the frame arrived in VLAN 2. Following the facts again:

  • From the earlier list, switch SW3 considers the frame to be part of VLAN 2
  • The question stem states that the ports connected to PCs are access ports
  • The exhibit shows port F0/3 as being assigned to VLAN 3

Therefore, switch SW3 will not forward the frame out port F0/3 – even though SW3 will flood the frame.

 

Flooding the Frame… In VLAN 2

Now turn to the correct answers. The frame arrives in an access port assigned to VLAN 2 (port F0/2). As it turns out, switch SW3 floods the frame in VLAN 2. Here’s why:

  • The destination MAC – 0200.4444.4444 – is not in SW3’s MAC table at all. More importantly, there is no entry for that MAC address that also lists VLAN 2.
  • In other words, the destination is unknown to SW3 in VLAN 2, so SW3 treats the frame as an unknown unicast frame
  • SW3 floods the frame out:
    • All ports in VLAN 2 (access ports and trunks)
    • …Except the incoming port (F0/2 in this case)

Per the exhibit, those interfaces include F0/1 (an access port) and G0/1 (a trunk port). Those are the two correct answers.

 

Extra Logic… That Does NOT Apply

Did you think that SW3 would NOT forward the frame out port F0/1?

Couple of times over the last few months I’ve heard from readers who have wanted to add a bit of switching logic to SW3, logic that would have made SW3 not forward the frame out F0/1. Here’s the logic, which is NOT true – but you can easily see why someone might go there mentally.

  • SW3 has learned the MAC address of the one device off its F0/1 access port (0200.1111.1111)
  • When flooding the frame in VLAN 2, SW3 does NOT flood the frame out port F0/1, because SW3 has already learned of one MAC
  • The logic (which is, again, not true) is that because SW3 knows of one MAC on that port, it should NOT flood the frame on the port

Switches don’t add that bit of logic, because there might be more than one device connected off that port (for instance, through a hub or even through another switch). So, don’t add the logic!

 

CCENT Exam Prep LiveLessons – Common Mistakes

Did you find it useful to think about these kinds of situations where you might make a mistake? That’s what half the new CCENT Exam Prep LiveLessons product is about – predicting those kinds of mistakes, and revealing them to you so that you can not make those mistakes on the exam. Check out the samples.

 

Switch Forwarding Question: Destination MAC Only?
Practice Test SW Fix
certskills
By certskills December 14, 2016 12:05
Write a comment

8 Comments

  1. Robert December 15, 08:24

    Absolutely useful and clarifier, as usual.

    Thank you very much Wendell

    Reply to this comment
  2. Mikhail December 23, 08:29

    I am not a native English speaker, so sorry for my mistakes.
    And what about ARP? Why SW3 just dont send ARP request to realise that PC4 is after G0/1?

    Reply to this comment
    • CCENTSkills December 23, 10:50

      Hi Mikhail,
      I understand you! Your English is great.
      SW3 is a layer 2 switch in this question, so it would never send ARPs or process received ARPs for the same of learning information about the network. As a layer 2 switch, it only learns about MAC addresses by looking at the source MAC address of received frames, and then placing those in the MAC address table.

      Even a layer 3 switch wouldn’t use ARP to learn entries for it’s MAC table. A layer 3 switch would use ARP to learn the mapping of IP addresses to their MAC addresses, placing that data into the switch’s ARP table. But the ARP process wouldn’t update the MAC address table, which is the table used by the switch to direct layer 2 switching.

      Hope this helps,
      Wendell

      Reply to this comment
      • Mikhail December 26, 09:40

        Thank you Wendell allot!
        I tricked myself a little. Of course I meant, that not SW3 sent ARP request, but PC2 did.
        But what, if PC2 sent frame not to PC4 Mac address, but to IP address? As it works in real life.
        In my opinion, logic should go this way:
        1. PC2 watches at his ARP table and don’t find any match
        2. Send an ARP request into the LAN
        3. Request walks through our LAN and SW3 learns the PC4’s entrance and write it down at his Mac-address table
        4. PC2 makes a frame with PC4 Mac-address and sends it directly to PC4 (as is in your question)
        5. SW3 already has match in his Mac-address table, so he don’t need to send a broadcast messages and just send the frame directly through G0/1.

        Please tell me whether I am right, or not.
        Thank you again!

        Reply to this comment
        • CCENTSkills December 27, 09:44

          Hi Mikhail,
          OK, got it, you meant that PC2 ARPs, not SW3.
          Then you said “what if PC2… like in real life.”
          Well, what’s described in the scenario is what happens in real life as well. Imagine PC2 and PC4 are in the same subnet, say addresses 10.1.1.2 and 10.1.1.4. PC2 wants to send an IP packet to destination IP address 10.1.1.4 (which I think is what you’re describing). Once ARP completes, the IP packet sent to PC4’s IP address is encapsulated in a frame sent to PC4’s MAC address.
          I think we’re in agreement on the above?
          If so, then I understand your 5 steps – which aren’t what the question asks – but I understand them. Then I agree with your 5 steps, except step 5, but my disagreement is only about the wording. I wouldn’t use the phrase “don’t need to send a broadcast message”, because that may imply that SW3 is creating that message. I might instead state that SW3 “does not flood the frame”, because the word “flood” is the specific term describing switch logic for a frame with an unknown destination MAC address.

          And your English is still great! 🙂
          Wendell

          Reply to this comment
  3. RN May 20, 10:22

    Hi Wendell,

    Shouldn’t “show interfaces status” also display interface G0/1?

    Packet Tracer does not support this command and I don’t have real or emulated switch so I can’t test it.

    Thanks,

    RN

    Reply to this comment
  4. Maxim January 31, 23:06

    There is a mistake in your answer:
    “Per the exhibit, those interfaces include F0/1 (an access port) and G0/2 (a trunk port). Those are the two correct answers.”
    G0/1 should be.

    Reply to this comment
    • CCENTSkills February 1, 16:03

      Maxim,
      Yep, I agree. I changed it (so for the rest of you, no need to look for what Maxim referenced – I changed it).
      Thanks,
      Wendell

      Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories