Question

Switching basics

Asked by: karthik_s9

Hi All,

 I have got few doubts in switching.

Switches do broadcast (ARP) first time to learn the destination mac address & store it in the mac-address table.Next time if any packet comes from the same source to same destination it'll not do broadcast,it'll look into the mac-table & send it to the destination directly (unicast).
if the destination is not availabl then it'll send it to the default-gateway.

My Question is,

1. How will the switch know whether this packet has to send it to the default gateway or not?
2. Will Switch maintain the destination adress as the mac-address of default-gateway for all the hosts in different subnet.
3.What will happen if we move the host from one switch to another switch (same subnet)within the MAX-age timer expires.

Also please point me to some good links which will explain in depth of switching technology.

Thanks in advance

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2006-02-21 at 05:35:36ID21745144
Tags

switch

,

mac

,

address

Topics

Miscellaneous Networking

,

Appletalk

,

Network Switches & Hubs

Participating Experts
5
Points
125
Comments
10

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. ARP,RARP
    Please can anyone describe for me what is a ARP, RARP and where and in which way they are useful. Please don`t mention the definition used in Webopedia. I studied them but didn`t got the exact point. Please describe them in detial. thanks in advance.
  2. ARP Protocol
    Would you like to tell me some links or articles which describle about ARP protocol attacks by poisoning ARP cache of router ?
  3. Unicast flooding - Need help - maybe static mac assign
    Here’s the situation We have a Spectralink 802.11b wireless phone system that is causing problems. The phone system consists of 11 gateways (devices) that plug into a Cisco 2950 switch. The Spectralink system needs to be on the same VLAN as the wireless system, which is thro...
  4. switch and ARP question
    Here's a situation, our network has a extreme blackdiamond box. And all the switches on the network are extreme switches. We also run vlans through the network. recently we purchase a device which seems to die after a while on the network (yes on a vlan). You can't ping it ...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: rfr1tzPosted on 2006-02-21 at 05:42:08ID: 16008456

Switches never do ARPs. If they don't know where the destination is, they flood the packet out all ports except for the port that the packet arrived on.

 

by: MortiTechPosted on 2006-02-21 at 05:49:22ID: 16008512

The best link in the world... Cisco's Internetworking Technology Handbook
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/index.ht

Also from Cisco - The Internetwork Troubleshooting Handbook.
http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/index.htm

I found the troubleshooting handbook to be more usefull to me personally than the general handbook, but I am also a network tech for a living.

Wikipedia's "Network Switch" article:
http://en.wikipedia.org/wiki/Network_switch

And since we are talking about switching, its a good idea to know about Layer two:
http://en.wikipedia.org/wiki/Data_link_layer

Good luck, and I hope that helps!

 

by: pseudocyberPosted on 2006-02-21 at 05:55:06ID: 16008545

My comments are based on a strict definition of a layer 2 switch.

>>Switches do broadcast (ARP) first time to learn the destination mac address

This is incorrect.  Switches do not ARP.

.Next time if any packet comes from the same source to same destination it'll not do broadcast,it'll look into the mac-table & send it to the destination directly (unicast).

>>if the destination is not availabl then it'll send it to the default-gateway.

Incorrect.  Switches do not have a default gateway - they do not operate at layer 3, the Network layer.

>>1. How will the switch know whether this packet has to send it to the default gateway or not?

They don't.  They only send to other devices on their local Ethernet segment - or VLAN.  They know nothing of layer 3.

>>2. Will Switch maintain the destination adress as the mac-address of default-gateway for all the hosts in different subnet.

No.  See previous answers on default gateways.

>>3.What will happen if we move the host from one switch to another switch (same subnet)within the MAX-age timer expires.

It depends on which direction the data flow is going.  If the two switches are connected the old may learn of the new location for the MAC and have two entries in its table for the same MAC.

A switch works basically like this:
A sends to B - switch learns of A and notes.  Floods to B (assuming it doesn't know of B)
B gets a flood packet and responds to A - switch learns of B and notes.
Thereafter, all traffic to and from A and B is switched only between the two ports.

An IP host on an IP network needs to send to a destination on a different IP network.  Using binary math and its subnet mask, it will determine it needs the default gateway.  The first time, it will ARP for the IP of the default gateway - which has to be on the SAME layer 2 Ethernet network.  The router will respond with its MAC address.  The host will address the frame with the destination MAC of the router and the source MAC of itself and then transmit onto the Ethernet network where it will be switched according to destination MAC address.

 

by: giltjrPosted on 2006-02-21 at 06:48:30ID: 16009000

pseudocyber is 100% correct.  

The only thing I will add is is that some switches are called layer 3 switches.  This is really not switching this is routing (layer 3 or IP).  If a switch is a "layer 3 switch", it is really a switch and a router in one box.  The router part does know about layer 3, and thus IP, but the switching software does not.  

This is where some people get really confused because the network manufactures are making it look like you can switch IP, which you really can't, you switch layer 2 (Ethernet) and you route layer 3 (IP).  They are just putting the two functions into one box.  In some boxes you configure the layer 2 and layer 3 from the same configuration screen, like a Cisco 3550.  In others you actually have two independent managment interface that you configure in conjunction with each other, but seperately, like a Cisco 6500 with MSFC or a 7600 (a 7600 is really just a 6500 with the MSFC and PFC card installed by default).

 

by: rcasteelPosted on 2006-02-21 at 21:27:41ID: 16016025

First, You need to understand switching.  Switching is simply a process carried out using ASIC (Application Specific Integrated Circuits)  Routers and Bridges and switches are terms that are used interchangeably sometimes, but there are differences.  Routers operate at layer 3 and above and are aware of IP addresses.  A switch can do this also but it must be a Layer3 switch.  The primary difference in these two is speed.  ASIC technoology is much faster that software routing.  Layer 3 switches still use some software but the bulk of the work is carried out in ASIC hardware.  

Like wise Bridges and Layer 2 switches have the same relationship.  They operate at layer 2 and below and do not understand IP addresses.  Any Ip address assigned to a Layer-2 device is for accessing the management interface and has nothing to do with the actual operation of the device.

Layer 2 devices listen to traffic and remember the SENDER's MAC address and associates it with the physical port it recieved the packet on.  This allows the switch to remember where that computer is when it is time to send it a packet.  As mentioned in a previous comment, layer 2 devices do not ARP for addresses.  If they do not know which port to send the packet to, the device FLOODs the packet.  Flooding is different than broadcasting.  A broadcast is actually addressed to a MAC address of all FFFFFFFFFF.  Every device is obligated to pick up the packet and start processing it.  The device can decide to stop processing it once it realizes the packet does not apply to it, but It is required to pick it up.  Flooding is non-obligatory.  The packet is addressed to the same MAC address as when it entered the switch, the switch simply sends that packet to all ports..with out changing the MAC address to all FFFFFFF.  No device will pick up the packet unless it has the packets destination MAC address.   Broadcast packets are always flooded but flooded packets are not necessarily broadcast packets.

If the destination MAC address does not respond, the Layer 2 device could care less.  It has done its job...It has released the packet on the correct wire.  It is up to the end station sending the packet to decide the other end station is not there.


QUESTION 1. How will the switch know whether this packet has to send it to the default gateway or not?  

The Layer 2 switch does not determine this.  Actually the sending station has already made this decision and addressed the packet and ARPed for the target devices MAC address and placed that MAC address in the Packet's destination MAC address slot and released it on the wire.  The switch just looks at that MAC address and releases it to the correct wire if it is known and if it is not known, the switch floods the packet.

QUESTION 2. Will Switch maintain the destination adress as the mac-address of default-gateway for all the hosts in different subnet.
No but the sending station will...because it is the device that actually requested the MAC.  However the Sending station will know that it is not Privy to the far station's MAC adress because it is on a remote subnet that will never see the ARP packet.  The sending PC determines this by comparing its IP with the REMOTE IP.  Once it decides it is on the remote subnet, the packet is addressed to the default gateway with a ROUTE ME flag set.  Effectively, the sending computer will remember the router's MAC as the MAC of all remote devices.

The switch does something similar though.  It sees all devices on an uplink port as being on a single wire.  So if you have a hub that has 10 PCs on it, and that hub is plugged into the switch, the switch will see all of the 10 PCs as being plugged into a single port.  By the way, a hub simply floods all of the time.  It is a glorified repeater...absolutely no intelligence.

QUESTION 3.What will happen if we move the host from one switch to another switch (same subnet)within the MAX-age timer expires.
This can cause temporary problems on the network.  Most switches are smart enough to see that the PC moved from port to port but when it moves from switch to switch the network might get temporarily confused.  That is why the addresses expire.  If you stack the switches, they are normally pretty good about telling each other about the changes, but if you just uplink, you could get in a situation where the relocated PC was lost for a minute or two.  This is unlikely though since the first packet to hit the new switch gets flooded so the old switch would see the packet on a different port and delete its old entry.

Also please point me to some good links which will explain in depth of switching technology.
I would go to Cisco.com They have hundreds of white papers on this stuff.

If you want some interesting reading, look up the terms "split horizon"  "poison reverse" or "count to infinity" on the Cisco site.

Other interesting things dealing with Layer-2 switches include Virtual LANs (VLAN) and VLAN Trunking Protocol (VTP)

 

by: rcasteelPosted on 2006-02-21 at 21:36:05ID: 16016061

giltjr

You are correct about the confusion that manufacturers place on this terminology.  Most "switches" are bridges becuase they use software algorythms to determine packet release points.  

A layer 3 switch is just  a router with hardware implemented routing.  Cisco uses true Layer 3 switches to do their routing which is why their hardware has such a  high throughput.

Most vendors that package a router in the same box with a bridge often call the device a router...or  a switch which it is neither.   it is actually a brouter.

You will also see these devices referred to as a L1/2 switch

 

by: pseudocyberPosted on 2006-05-01 at 04:04:52ID: 16576444

I thought my post was good.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...