Help with Redundant Topologies?

Hi, this is straight off the Cisco site

This page will explain how incorrect information can be forwarded in a redundant switched network.

In a redundant switched network it is possible for switches to learn the wrong information. A switch can incorrectly learn that a MAC address is on one port, when it is actually on a different port. In this example the MAC address of Router Y is not in the MAC address table of either switch.

Host X sends a frame directed to Router Y. Switches A and B learn the MAC address of Host X on port 0.

The frame to Router Y is flooded on port 1 of both switches. Switches A and B receive this information on port 1 and incorrectly learn the MAC address of Host X on port 1. When Router Y sends a frame to Host X, Switch A and Switch B also receive the frame and will send it out port 1. This is unnecessary, but the switches have incorrectly learned that Host X is on port 1.

In this example the unicast frame from Router Y to Host X will be caught in a loop.

What I can't get my head around is why/how the switches have learnt Host X is on port 1 not port 0? Is it because the switches learn the MAC from their port 1? That doesn't seem to make any difference.

TIA

Reply to
gregg johnstone

there are a couple of issues going on.

  1. the "source" for a frame may move around the network, so switches need to be able to overwrite a MAC to port "mapping" in their tables - think laptop using WLAN and roaming, but there are other examples.

because transparent bridging is "transparent" a bridged packet is identical to the original.

so - a loop means a switch may see some or all packets replicated and appearing on multiple ports.

detecting the actual replicas is complicated given the number of potential packets - and identical packets happen on real networks anyway.

so the only indicator of a loop is that some source MACs appear on multiple ports, over a short timescale, and probably "bounce" between 2 or more ports fairly rapidly.

so - what is bridge / switch to do if you break spanning tree?

After all - you might have turned it off for a good reason..... eg it makes a good packet generator when you want to test if your network really can survive lots of broadcasts.

there are a couple of choices

a. "see" a MAC on a port and make it "stick" in the tables - all sorts of weird problems with intermittent connectivity.

b. just use the latest arrival with that source address to update the table - susceptible to a loop packet generator.

c. do something complicated - like track "fast" changes and flag them up to a management system (that isn't running this month), and maybe limit the rate of change.

d. look for "loadsa broadcasts" and rate limit or shut down ports - again false positives.....

c. is probably best, and some switches can do that - but it is complicated, so usually only on high end hardware.

And the end result may be "false positives" that cause issues. And it is only "real" when it happens within a single VLAN, so picking the port changes out of the noise isn't easy in the general case.

and anything "clever" like this tends to break when you get weird topologies - my favorites are microsoft load balancing with multicast source MAC addresses, HSRP topology changes, and Sun boxes / link aggregation schemes that use the same MAC on all ports

Reply to
stephen
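To make the learning described in the Cisco text concrete, here is an added simulation (not from Cisco or from any poster in this thread): two switches whose port 0 and port 1 each sit on a shared segment, learning with "latest arrival wins" (option b. above), plus a simple MAC-move-rate check along the lines of option c. The MAC addresses, tick timing, window and threshold are all constructed for the example.

```python
from collections import deque, defaultdict

# Switch A and Switch B both have port 0 on segment "seg0" (Host X side)
# and port 1 on segment "seg1" (Router Y side). Spanning tree is off.
PORTS = {"A": {0: "seg0", 1: "seg1"}, "B": {0: "seg0", 1: "seg1"}}
HOST_X, ROUTER_Y = "00:00:0c:aa:aa:01", "00:00:0c:bb:bb:02"  # constructed MACs

def simulate(max_events=12):
    """Flood Host X's first frame to the (unknown) Router Y and return the
    MAC-table changes it causes, as (tick, switch, mac, port) tuples."""
    mac_table = {sw: {} for sw in PORTS}
    events = []
    pending = deque([(0, "seg0", HOST_X, ROUTER_Y)])  # (tick, segment, src, dst)
    while pending and len(events) < max_events:
        tick, seg, src, dst = pending.popleft()
        for sw, ports in PORTS.items():
            in_port = next(p for p, s in ports.items() if s == seg)
            old = mac_table[sw].get(src)
            mac_table[sw][src] = in_port      # option b.: latest arrival wins
            if old != in_port:
                events.append((tick, sw, src, in_port))
            if dst not in mac_table[sw]:      # unknown destination: flood
                for out_port, out_seg in ports.items():
                    if out_port != in_port:   # the copy lands on the other segment,
                        pending.append((tick + 1, out_seg, src, dst))  # seen by both
    return events

def detect_flaps(events, window=3, threshold=2):
    """Option c.: flag (switch, mac) pairs whose learned port changed more
    than `threshold` times within `window` ticks."""
    moves = defaultdict(list)   # (switch, mac) -> ticks at which the port changed
    last_port, alerts = {}, set()
    for tick, sw, mac, port in events:
        key = (sw, mac)
        if key in last_port and last_port[key] != port:
            moves[key].append(tick)
            if len([t for t in moves[key] if tick - t < window]) > threshold:
                alerts.add(key)
        last_port[key] = port
    return sorted(alerts)

if __name__ == "__main__":
    learned = simulate()
    for ev in learned:
        print("tick %d: switch %s learned %s on port %d" % ev)
    print("flapping:", detect_flaps(learned))
```

Host X is learned on port 0 at tick 0, on port 1 at tick 1 when the other switch's flooded copy arrives on seg1, then back on port 0, and so on; the pending queue also doubles every tick, which is the "packet generator" effect mentioned above.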

Many thanks for that - so it is possible for identical packets to be sent at the same time? Therefore you could have identical MAC addys in the CAM table? Intriguing. FWIW I watched a Simpsons episode recently and they showed Marge sending an email to Arty Ziff via a Cisco "product" that had seen better days!

Reply to
gregg johnstone

not exactly - but copies of packets do tend to get sent (or different packets but with identical contents)

so it can be difficult to work out which ones are valid, and which ones are forwarded copies via another bridge.

definitely - although in theory manufacturer assigned MACs are globally unique - nothing breaks unless there are 2 sources in the same layer 2 domain with the same MAC - and even then some special cases are OK.

it used to be common to have the same MAC in different VLANs - DECnet boxes forced that (and OSI - still common in telco networks).

SNA networks often use manual MAC assignments, and the same MAC may be used in 2 or more different places for resilience (old Token Ring idea).

Reply to
stephen
