Help with Redundant Topologys?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hi this is straight off the Cisco site

This page will explain how incorrect information can be forwarded in a
redundant switched network.

In a redundant switched network it is possible for switches to learn
the wrong information. A switch can incorrectly learn that a MAC
address is on one port, when it is actually on a different port. In
this example the MAC address of Router Y is not in the MAC address
table of either switch.

Host X sends a frame directed to Router Y. Switches A and B learn the
MAC address of Host X on port 0.

The frame to Router Y is flooded on port 1 of both switches. Switches A
and B receive this information on port 1 and incorrectly learn the MAC
address of Host X on port 1. When Router Y sends a frame to Host X,
Switch A and Switch B also receive the frame and will send it out port
1. This is unnecessary, but the switches have incorrectly learned that
Host X is on port 1.

In this example the unicast frame from Router Y to Host X will be
caught in a loop.

What I cant get my head around is why/how the switches have learnt Host
X is on port 1 not port 0? Is it because the switches learn the MAC
from their port 1? That doesnt seem to make any difference.


Re: Help with Redundant Topologys?
Quoted text here. Click to load it

there are a couple of issues going on.

1. the "source" for a frame may move around the network, so switches need to
be able to overwrite a MAC to port "mapping" in their tables - think laptop
using WLAN and roaming, but there are other examples.

because transparent bridging is "transparent" a bridged packet is identical
to the original.

so - a loop means a switch may see some or all packets replicated and
appearing on multiple ports.

detecting the actual replicas is complicated given the number of potential
packets - and identical packets happen on real networks anyway.

so the only indicator of a loop is that some soource MACs appear on multiple
ports, over a short timescale, and probably "bounce" between 2 or more ports
fairly rapidly.

so - what is bridge / switch to do if you break spanning tree?

After all - you might have turned it off for a good reason..... eg it makes
a good packet generator when you want to test if your network really can
survive lots of broadcasts.

there are a couple of choices

a. "see" a MAC on a port and make it "stick" in the tables - all sorts of
wierd problems with intermittent connectivity.
b. just use the latest arrival with that source address to update the
table - susceptible to a looppacket generator.
c. do something complicated - like track "fast" changes and flag them up to
a management system (that isnt running this month), and maybe limit the rate
of change.
d. look for "loadsa broadcasts" and rate limit or shut down ports - again
false positives.....

c. is probably best, and some switches can do that - but it is complicated,
so usually only on high end hardware.

And the end result may be "false positives" that cause issues. And it is
only "real" when it happens within a single VLAN, so picking the port
changes out of the noise isnt easy in the general case.

and anything "clever" like this tends to break when you get wierd
topologies - my favorites are microsoft load balancing with multicast source
MAC addresses, HSRP topology changes, and Sun boxes / link aggregation
schemes that use the same MAC on all ports
Quoted text here. Click to load it
Regards - replace xyz with ntl

Re: Help with Redundant Topologys?

stephen wrote:
Quoted text here. Click to load it

Many thanks for that- so it is possible for Identical packets to be
sent at the same time?
Therefore you could have identical MAC addys in the CAM
FWIW I watched a Simpsons episode recently and they showed Marge
sending an email to Arty Ziff via a Cisco "product" taht had seen
better days!

Re: Help with Redundant Topologys?
Quoted text here. Click to load it
need to

not exactly - but copies of packets do tend to get sent (or different
packets but with identical contents)

so it can be difficult to work out which ones are valid, and which ones are
forwarded copies via another bridge.

Quoted text here. Click to load it

definitely - although in theory manufacturer assigned MACs are globally
unique - nothing breaks unless there are 2 sources in the same layer 2
domain with the same MAC - and even then some special cases are OK.

it used to be common to have the same MAC in different VLANs - DECnet boxes
forced that (and OSI - still common in telco networks).

in SNA networks often use manual MAC assignments, and the same MAC may be
used in 2 or more different places for resilience (old Token Ring idea).

Quoted text here. Click to load it
Regards - replace xyz with ntl

Site Timeline