How does ARP work on multilayer (Cisco) switches
Clash Royale CLAN TAG#URR8PPP
I'm going to develop an example scenario here:
There is a computer that is connected to an interface on the switch that has been assigned VLAN2 and another computer on an interface that has been assigned VLAN3. A router on a stick is connected to a no switchport port on the switch with the default route set to the IP of that interface. 2 SVIs have been set up for each of the VLANs, each with individual IPs and subnet masks and MAC addresses. The default gateways of the computers are set to the IP addresses of their corresponding SVIs (which cisco documentation tells us to do : https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html).
Computer 1 wishes to send a packet to the internet, IDK, to the ISP DNS server for instance. Let's say computer 1 doesn't know the MAC address of its default gateway so sends an ARP with the broadcast address.
Typically, if it were a L2 switch then it would just flood the ARP request to all ports on the VLAN which includes the trunk to the gateway; however, my question concerns L3-aware switches where the default gateway is indeed on the switch itself (in the form of the SVI). How does the switch recognise this and NOT flood to all the ports on the switch in the VLAN. Does the switch just specially detect broadcast packets, check to see if it's an ARP, check to see if the destination belongs to one of its SVIs and return the MAC, if not, flood to all ports on the VLAN?
cisco switch arp
edited Jan 27 at 15:27
jonathanjo
11.5k1934
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
|
show 1 more comment
I'm going to develop an example scenario here:
There is a computer that is connected to an interface on the switch that has been assigned VLAN2 and another computer on an interface that has been assigned VLAN3. A router on a stick is connected to a no switchport port on the switch with the default route set to the IP of that interface. 2 SVIs have been set up for each of the VLANs, each with individual IPs and subnet masks and MAC addresses. The default gateways of the computers are set to the IP addresses of their corresponding SVIs (which cisco documentation tells us to do : https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html).
Computer 1 wishes to send a packet to the internet, IDK, to the ISP DNS server for instance. Let's say computer 1 doesn't know the MAC address of its default gateway so sends an ARP with the broadcast address.
Typically, if it were a L2 switch then it would just flood the ARP request to all ports on the VLAN which includes the trunk to the gateway; however, my question concerns L3-aware switches where the default gateway is indeed on the switch itself (in the form of the SVI). How does the switch recognise this and NOT flood to all the ports on the switch in the VLAN. Does the switch just specially detect broadcast packets, check to see if it's an ARP, check to see if the destination belongs to one of its SVIs and return the MAC, if not, flood to all ports on the VLAN?
cisco switch arp
edited Jan 27 at 15:27
jonathanjo
11.5k1934
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
1
Hi Lewis and welcome .. what does IDK mean?
– jonathanjo
Jan 27 at 15:28
1
A layer-3 switch is first a layer-2 switch. An SVI is just like any other host connected to the VLAN. A VLAN is a broadcast domain, so any broadcasts get sent to all other interfaces in the VLAN.
– Ron Maupin♦
Jan 27 at 17:48
1
@jonathanjo 'I don't know'
– djsmiley2k
Jan 27 at 18:11
Your scenario is a little confused. A "router on a stick" is used to route between VLANs in a layer 2 only switch via a VLAN trunk port. A "no switchport" interface has an IP address. If you connect this to a router, the router is no longer "on a stick".
– grahamj42
Jan 27 at 19:22
@RonMaupin Interesting, thanks
– Lewis Kelsey
Jan 28 at 11:23
|
show 1 more comment
I'm going to develop an example scenario here:
There is a computer that is connected to an interface on the switch that has been assigned VLAN2 and another computer on an interface that has been assigned VLAN3. A router on a stick is connected to a no switchport port on the switch with the default route set to the IP of that interface. 2 SVIs have been set up for each of the VLANs, each with individual IPs and subnet masks and MAC addresses. The default gateways of the computers are set to the IP addresses of their corresponding SVIs (which cisco documentation tells us to do : https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html).
Computer 1 wishes to send a packet to the internet, IDK, to the ISP DNS server for instance. Let's say computer 1 doesn't know the MAC address of its default gateway so sends an ARP with the broadcast address.
Typically, if it were a L2 switch then it would just flood the ARP request to all ports on the VLAN which includes the trunk to the gateway; however, my question concerns L3-aware switches where the default gateway is indeed on the switch itself (in the form of the SVI). How does the switch recognise this and NOT flood to all the ports on the switch in the VLAN. Does the switch just specially detect broadcast packets, check to see if it's an ARP, check to see if the destination belongs to one of its SVIs and return the MAC, if not, flood to all ports on the VLAN?
cisco switch arp
edited Jan 27 at 15:27
jonathanjo
11.5k1934
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
I'm going to develop an example scenario here:
There is a computer that is connected to an interface on the switch that has been assigned VLAN2 and another computer on an interface that has been assigned VLAN3. A router on a stick is connected to a no switchport port on the switch with the default route set to the IP of that interface. 2 SVIs have been set up for each of the VLANs, each with individual IPs and subnet masks and MAC addresses. The default gateways of the computers are set to the IP addresses of their corresponding SVIs (which cisco documentation tells us to do : https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html).
Computer 1 wishes to send a packet to the internet, IDK, to the ISP DNS server for instance. Let's say computer 1 doesn't know the MAC address of its default gateway so sends an ARP with the broadcast address.
Typically, if it were a L2 switch then it would just flood the ARP request to all ports on the VLAN which includes the trunk to the gateway; however, my question concerns L3-aware switches where the default gateway is indeed on the switch itself (in the form of the SVI). How does the switch recognise this and NOT flood to all the ports on the switch in the VLAN. Does the switch just specially detect broadcast packets, check to see if it's an ARP, check to see if the destination belongs to one of its SVIs and return the MAC, if not, flood to all ports on the VLAN?
cisco switch arp
cisco switch arp
edited Jan 27 at 15:27
jonathanjo
11.5k1934
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
edited Jan 27 at 15:27
jonathanjo
11.5k1934
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
edited Jan 27 at 15:27
jonathanjo
11.5k1934
edited Jan 27 at 15:27
jonathanjo
11.5k1934
edited Jan 27 at 15:27
jonathanjo
11.5k1934
11.5k1934
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
asked Jan 27 at 15:12
Lewis KelseyLewis Kelsey
84
84
1
Hi Lewis and welcome .. what does IDK mean?
– jonathanjo
Jan 27 at 15:28
1
A layer-3 switch is first a layer-2 switch. An SVI is just like any other host connected to the VLAN. A VLAN is a broadcast domain, so any broadcasts get sent to all other interfaces in the VLAN.
– Ron Maupin♦
Jan 27 at 17:48
1
@jonathanjo 'I don't know'
– djsmiley2k
Jan 27 at 18:11
Your scenario is a little confused. A "router on a stick" is used to route between VLANs in a layer 2 only switch via a VLAN trunk port. A "no switchport" interface has an IP address. If you connect this to a router, the router is no longer "on a stick".
– grahamj42
Jan 27 at 19:22
@RonMaupin Interesting, thanks
– Lewis Kelsey
Jan 28 at 11:23
|
show 1 more comment
1
Hi Lewis and welcome .. what does IDK mean?
– jonathanjo
Jan 27 at 15:28
1
A layer-3 switch is first a layer-2 switch. An SVI is just like any other host connected to the VLAN. A VLAN is a broadcast domain, so any broadcasts get sent to all other interfaces in the VLAN.
– Ron Maupin♦
Jan 27 at 17:48
1
@jonathanjo 'I don't know'
– djsmiley2k
Jan 27 at 18:11
Your scenario is a little confused. A "router on a stick" is used to route between VLANs in a layer 2 only switch via a VLAN trunk port. A "no switchport" interface has an IP address. If you connect this to a router, the router is no longer "on a stick".
– grahamj42
Jan 27 at 19:22
@RonMaupin Interesting, thanks
– Lewis Kelsey
Jan 28 at 11:23
1
1
Hi Lewis and welcome .. what does IDK mean?
– jonathanjo
Jan 27 at 15:28
Hi Lewis and welcome .. what does IDK mean?
– jonathanjo
Jan 27 at 15:28
1
1
A layer-3 switch is first a layer-2 switch. An SVI is just like any other host connected to the VLAN. A VLAN is a broadcast domain, so any broadcasts get sent to all other interfaces in the VLAN.
– Ron Maupin♦
Jan 27 at 17:48
A layer-3 switch is first a layer-2 switch. An SVI is just like any other host connected to the VLAN. A VLAN is a broadcast domain, so any broadcasts get sent to all other interfaces in the VLAN.
– Ron Maupin♦
Jan 27 at 17:48
1
1
@jonathanjo 'I don't know'
– djsmiley2k
Jan 27 at 18:11
@jonathanjo 'I don't know'
– djsmiley2k
Jan 27 at 18:11
Your scenario is a little confused. A "router on a stick" is used to route between VLANs in a layer 2 only switch via a VLAN trunk port. A "no switchport" interface has an IP address. If you connect this to a router, the router is no longer "on a stick".
– grahamj42
Jan 27 at 19:22
Your scenario is a little confused. A "router on a stick" is used to route between VLANs in a layer 2 only switch via a VLAN trunk port. A "no switchport" interface has an IP address. If you connect this to a router, the router is no longer "on a stick".
– grahamj42
Jan 27 at 19:22
@RonMaupin Interesting, thanks
– Lewis Kelsey
Jan 28 at 11:23
@RonMaupin Interesting, thanks
– Lewis Kelsey
Jan 28 at 11:23
|
show 1 more comment
1 Answer
1
active
oldest
votes
The correct behaviour is to flood the broadcast ARP request out of all appropriate interfaces: any ethernet sockets appropriate configured, and also to the internal router device.
This is necessary in case some other device on the (V)LAN responds to the ARP.
The internal device should then respond to the ARP in the ordinary way.
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "496"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f56426%2fhow-does-arp-work-on-multilayer-cisco-switches%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The correct behaviour is to flood the broadcast ARP request out of all appropriate interfaces: any ethernet sockets appropriate configured, and also to the internal router device.
This is necessary in case some other device on the (V)LAN responds to the ARP.
The internal device should then respond to the ARP in the ordinary way.
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
add a comment |
The correct behaviour is to flood the broadcast ARP request out of all appropriate interfaces: any ethernet sockets appropriate configured, and also to the internal router device.
This is necessary in case some other device on the (V)LAN responds to the ARP.
The internal device should then respond to the ARP in the ordinary way.
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
add a comment |
The correct behaviour is to flood the broadcast ARP request out of all appropriate interfaces: any ethernet sockets appropriate configured, and also to the internal router device.
This is necessary in case some other device on the (V)LAN responds to the ARP.
The internal device should then respond to the ARP in the ordinary way.
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
The correct behaviour is to flood the broadcast ARP request out of all appropriate interfaces: any ethernet sockets appropriate configured, and also to the internal router device.
This is necessary in case some other device on the (V)LAN responds to the ARP.
The internal device should then respond to the ARP in the ordinary way.
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
answered Jan 27 at 15:24
jonathanjojonathanjo
11.5k1934
11.5k1934
add a comment |
add a comment |
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f56426%2fhow-does-arp-work-on-multilayer-cisco-switches%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Hi Lewis and welcome .. what does IDK mean?
– jonathanjo
Jan 27 at 15:28
1
A layer-3 switch is first a layer-2 switch. An SVI is just like any other host connected to the VLAN. A VLAN is a broadcast domain, so any broadcasts get sent to all other interfaces in the VLAN.
– Ron Maupin♦
Jan 27 at 17:48
1
@jonathanjo 'I don't know'
– djsmiley2k
Jan 27 at 18:11
Your scenario is a little confused. A "router on a stick" is used to route between VLANs in a layer 2 only switch via a VLAN trunk port. A "no switchport" interface has an IP address. If you connect this to a router, the router is no longer "on a stick".
– grahamj42
Jan 27 at 19:22
@RonMaupin Interesting, thanks
– Lewis Kelsey
Jan 28 at 11:23