1 00:00:00,000 --> 00:00:01,749 In this Nugget, we're going to take a look 2 00:00:01,749 --> 00:00:03,410 at additional scenarios regarding 3 00:00:03,410 --> 00:00:06,230 certain types of traffic going to a switch network 4 00:00:06,230 --> 00:00:09,260 to predict what the MAC address tables look 5 00:00:09,260 --> 00:00:12,110 like on the switch after that specific traffic is 6 00:00:12,110 --> 00:00:14,120 sent through the network. 7 00:00:14,120 --> 00:00:15,680 And for this scenario, let's predict 8 00:00:15,680 --> 00:00:17,060 what the MAC address tables would 9 00:00:17,060 --> 00:00:18,470 look like on the switches. 10 00:00:18,470 --> 00:00:21,200 When we do a ping from PC-1 1 to PC-4 11 00:00:21,200 --> 00:00:22,940 we're starting off with clean MAC address 12 00:00:22,940 --> 00:00:26,279 tables and clear ARP caches on all of our devices. 13 00:00:26,279 --> 00:00:28,070 And as the switch is building these tables, 14 00:00:28,070 --> 00:00:30,800 we know it's building it based on these source MAC addresses 15 00:00:30,800 --> 00:00:32,696 in frames as they come into the switch. 16 00:00:32,696 --> 00:00:34,070 So in this discussion we can just 17 00:00:34,070 --> 00:00:36,460 focus on traffic going into the switch. 18 00:00:36,460 --> 00:00:38,450 So, a ping from PC-1 to PC-4. 19 00:00:38,450 --> 00:00:40,130 So PC-1 is here. 20 00:00:40,130 --> 00:00:41,850 PC-4 is here. 21 00:00:41,850 --> 00:00:43,376 They're in the same VLAN. 22 00:00:43,376 --> 00:00:45,500 And we have a trunk going between the two switches. 23 00:00:45,500 --> 00:00:48,260 If PC-1 doesn't know the layer 2 address of PC-4, 24 00:00:48,260 --> 00:00:49,640 it's going to do an ARP request. 25 00:00:49,640 --> 00:00:51,590 And that traffic would go in on this port 26 00:00:51,590 --> 00:00:52,790 right here on the switch. 27 00:00:52,790 --> 00:00:54,890 And that would be one of our entries in the MAC address 28 00:00:54,890 --> 00:00:55,389 table. 29 00:00:55,389 --> 00:00:59,050 It would be the MAC address of PC-1, ending in 6801, 30 00:00:59,050 --> 00:01:02,280 that's reachable off Gig 01 on VLAN 100. 31 00:01:02,280 --> 00:01:06,200 So it's going to be VLAN 100, MAC address of PC-1 ending 32 00:01:06,200 --> 00:01:10,460 in 6810, and that's on Gig 0/1. 33 00:01:10,460 --> 00:01:13,670 That traffic would also be forwarded over to Switch-2. 34 00:01:13,670 --> 00:01:15,890 It would be received on Gig 0/1. 35 00:01:15,890 --> 00:01:19,730 And so on Gig 0/1 on Switch-2, it would also know about 36 00:01:19,730 --> 00:01:23,670 the MAC address of PC-1 ending in 6810, 37 00:01:23,670 --> 00:01:27,500 which is in VLAN 100 because of the 802.1Q tag that Switch-2 38 00:01:27,500 --> 00:01:30,200 saw on that frame as it came in. 39 00:01:30,200 --> 00:01:32,810 And then when PC-4 responds with an ARP reply, 40 00:01:32,810 --> 00:01:35,640 that's going to go into the switch here on Gig 1/1. 41 00:01:35,640 --> 00:01:38,340 So that's Gig 1/1 right there. 42 00:01:38,340 --> 00:01:42,520 That's the MAC address of PC-4 at 6804. 43 00:01:42,520 --> 00:01:46,230 And that access port, Gig 1/1, is in VLAN 100. 44 00:01:46,230 --> 00:01:48,470 Then because Switch-2 is forwarding a frame destined 45 00:01:48,470 --> 00:01:51,350 for 6801, based on its MAC address table, 46 00:01:51,350 --> 00:01:53,210 it knows it needs to forward it that way. 47 00:01:53,210 --> 00:01:56,200 So it sends the frame this way that's received by Gig 0/0 48 00:01:56,200 --> 00:01:57,170 on Switch-1. 49 00:01:57,170 --> 00:01:59,900 So on Gig 0/0, Switch-1 now learns 50 00:01:59,900 --> 00:02:02,960 about the MAC address of PC-4 from its source MAC address. 51 00:02:02,960 --> 00:02:05,330 And this MAC address is ending in 6804. 52 00:02:05,330 --> 00:02:07,970 And that's also in VLAN 100, because the frame going this 53 00:02:07,970 --> 00:02:10,639 way also was tagged with the 802.1Q tag, 54 00:02:10,639 --> 00:02:13,020 indicating that frame belonged to VLAN 100. 55 00:02:13,020 --> 00:02:15,020 And then that response would make it up to PC-1. 56 00:02:15,020 --> 00:02:19,376 And then as PC-1 sends the ICMP ping request over to PC-4, 57 00:02:19,376 --> 00:02:20,750 there's nothing new to be learned 58 00:02:20,750 --> 00:02:23,690 by either switch there from PC-1 source MAC address, 59 00:02:23,690 --> 00:02:25,010 nor for the ping replies. 60 00:02:25,010 --> 00:02:27,680 It goes back, because Switch-1 and -2 have already 61 00:02:27,680 --> 00:02:31,790 memorized PC-1 and PC-4's MAC addresses, respectively. 62 00:02:31,790 --> 00:02:33,174 I've got some aliases in place. 63 00:02:33,174 --> 00:02:34,340 One of them is called clean. 64 00:02:34,340 --> 00:02:35,840 And if we issue that command, it'll 65 00:02:35,840 --> 00:02:38,300 clear out the dynamically learned addresses 66 00:02:38,300 --> 00:02:39,510 in the MAC address table. 67 00:02:39,510 --> 00:02:41,900 I've also got an alias called smt, which will 68 00:02:41,900 --> 00:02:43,360 show the MAC address table. 69 00:02:43,360 --> 00:02:45,290 So on both switches, we'll issue the alias 70 00:02:45,290 --> 00:02:47,510 clean to clear the MAC address tables, 71 00:02:47,510 --> 00:02:50,894 and then we'll go to PC-1 and do our ping. 72 00:02:50,894 --> 00:02:51,810 So we're here on PC-1. 73 00:02:51,810 --> 00:02:54,060 We'll do a show ARP, just to validate 74 00:02:54,060 --> 00:02:56,940 there's nothing in the ARP cache on this local computer. 75 00:02:56,940 --> 00:02:58,180 And we'll do our ping. 76 00:02:58,180 --> 00:03:02,190 And PC-4 is at 10.100.0.4. 77 00:03:02,190 --> 00:03:03,360 We'll issue that ping. 78 00:03:03,360 --> 00:03:04,240 And that looks great. 79 00:03:04,240 --> 00:03:06,480 Now we'll go take a look at the MAC address tables 80 00:03:06,480 --> 00:03:09,020 over on Switch-1 and Switch-2. 81 00:03:09,020 --> 00:03:11,340 So over on Switch-1 we'll issue the command show 82 00:03:11,340 --> 00:03:14,580 mac address dash table, using the alias of smt 83 00:03:14,580 --> 00:03:15,990 on this Cisco switch. 84 00:03:15,990 --> 00:03:18,780 And we'll do the same over here on Switch-2. 85 00:03:18,780 --> 00:03:21,750 And that indeed does match our prediction here on Switch-1. 86 00:03:21,750 --> 00:03:24,270 So we have the MAC addresses of PC-1 and PC-4, 87 00:03:24,270 --> 00:03:29,580 respectively, both in VLAN 100, reachable via ports Gig 0/1 88 00:03:29,580 --> 00:03:32,220 and the trunk of Gig 0/0. 89 00:03:32,220 --> 00:03:35,970 And then on Switch-2, we've got the two VLAN 100 entries-- 90 00:03:35,970 --> 00:03:38,280 one for PC-1, one for PC-4-- 91 00:03:38,280 --> 00:03:40,710 reachable off of the trunk on Switch-2. 92 00:03:40,710 --> 00:03:43,350 And on Switch-2 the local port of Gig 1/1 93 00:03:43,350 --> 00:03:45,570 to reach the MAC address of PC-4. 94 00:03:45,570 --> 00:03:49,950 We also dynamically learned a MAC address ending in DE00. 95 00:03:49,950 --> 00:03:52,800 And that's a MAC address over on Switch-1, 96 00:03:52,800 --> 00:03:54,780 on it's trunk interface, that had 97 00:03:54,780 --> 00:03:57,361 generated at least one frame of traffic on its own. 98 00:03:57,361 --> 00:03:58,860 And that's why it's showing up here. 99 00:03:58,860 --> 00:04:00,969 It's not related to our VLAN 100 traffic. 100 00:04:00,969 --> 00:04:02,760 But indeed, this MAC address is showing up, 101 00:04:02,760 --> 00:04:04,490 and that's the reason why. 102 00:04:04,490 --> 00:04:06,750 In this Nugget, we've done an additional scenario 103 00:04:06,750 --> 00:04:09,630 where we generate some traffic over a switched, trunked 104 00:04:09,630 --> 00:04:12,990 network, made predictions on the MAC address table that 105 00:04:12,990 --> 00:04:15,780 would be on both switches, and then verified that 106 00:04:15,780 --> 00:04:18,630 by implementing that traffic in our lab scenario. 107 00:04:18,630 --> 00:04:20,610 I hope this has been informative for you, 108 00:04:20,610 --> 00:04:23,946 and I'd like to thank you for viewing. 109 00:04:23,946 --> 00:04:24,445