+ Reply to Thread
Results 1 to 4 of 4
  1. Junior Member Registered Member
    Join Date
    Sep 2017
    Posts
    1
    #1

    Default A Quick question regarding Filtering in switching

    Hi All,

    New to the forum, so if i'm posting in the wrong place please let me know!

    I'm studying for my CCNA exam, I have had very little exposure to networking, but do have some basic knowledge due to my 1st and 2nd IT support jobs I've worked in. So expect more questions

    My question is;


    When a switch receives a frame, it first checks the source's MAC address, to begin building it's internal MAC address table.

    If it doesn't have the MAC address on it's list, it chooses to 'flood' every port.
    When it does have the MAC address, it chooses to 'forward' to the port indicated on it's list of MAC addresses.
    But if the switch sees that the MAC address is the same for both the source and the destination, it 'drops' the frame.

    So, the switch has incorrectly added (for example) Host1 and Host2 to its list as being on the same port.

    But what about when Host1 needs to send a frame to Host2? It will just continue to drop every frame that's being sent? Surely that means the information will never get to its destination?

    I Hope this makes sense!

    thanks in advance!
    Reply With Quote Quote  

  2. SS -->
  3. Member
    Join Date
    Aug 2016
    Location
    Richmond, VA
    Posts
    45

    Certifications
    A+, Net+, Sec+, Project+, Linux+/LPIC-1, CCNA Sec,R&S
    #2
    How would both hosts get on the same port? If it's a trunk port, both MACs would be listed, but that switch would never have to process the frame from Host1 to Host2 since the downstream switch would be handling it via unicast within itself.

    Maybe I'm being shortsighted, but I guess I can't envision that in a real world scenario.

    Something you could see, though, would be two hosts on separate interfaces with the same MAC. There are small cases where a NIC vendor screws up and duplicates the MAC, and sometimes they end up in the same batch of machines delivered to the same company. Or there's plenty of software that can spoof your MAC. In that case, you'd constantly be fighting for position in the MAC table, and you'd likely see MAC flapping which could err-disable your ports.
    Reply With Quote Quote  

  4. Member awitt11's Avatar
    Join Date
    Aug 2010
    Location
    Missouri
    Posts
    36

    Certifications
    ITIL v3
    #3
    This situation would happen if Host1 and Host2 were connected to a Hub, and the Hub connected to the switch. A Hub always floods traffic out all ports. So, the switch would be correct to drop those frames.
    Reply With Quote Quote  

  5. Member
    Join Date
    Aug 2016
    Location
    Richmond, VA
    Posts
    45

    Certifications
    A+, Net+, Sec+, Project+, Linux+/LPIC-1, CCNA Sec,R&S
    #4
    Right, but traffic would still make it from host1 to host2 via the hub, even though the upstream switch is filtering the traffic.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks