Mar
01

A key to mastering CCENT-level networking knowledge is an intimate understanding of how Layer 2 and Layer 3 addressing is used when two hosts communicate on the network.

This blog post will detail how these addresses are used during the network communications between two host devices (Personal Computers, PCs). Here is the topology that will be used in this example:
[Figure: hosts]

Here the system with the IP address of 192.168.1.100 (Host A) wants to communicate with the system at 192.168.1.200 (Host B). It obtains the destination IP address from a name resolution service (such as DNS). Host A quickly determines the devices are on the same network (subnet). It uses the Source and Destination IP Addresses and its own Subnet Mask in that calculation. The following steps are then used for communication between the devices:

Step 1: The network application used for communication is using TCP. Host A creates a packet with the following information in the headers:
Layer 3 Source IP Address: 192.168.1.100
Layer 3 Destination IP Address: 192.168.1.200
TCP Setting: SYN
Layer 2 Source MAC Address: 0010:1111:1111
Layer 2 Destination MAC Address: ????:????:????

The TCP SYN setting indicates that the packet is a request for a reliable TCP connection. Notice that Host A does not possess the Layer 2 Destination MAC Address. It will check the ARP Cache for this information. Assuming the devices have not communicated before this, the ARP Cache will not possess this information.

Step 2: Host A prepares an ARP request to determine the Layer 2 MAC Address of Host B. The fields in this packet are as follows:
Layer 3 Source IP Address: 192.168.1.100
Layer 3 Destination IP Address: 192.168.1.200
Layer 2 Source MAC Address: 0010:1111:1111
Layer 2 Destination MAC Address: FFFF:FFFF:FFFF (Broadcast)

Step 3: Host B receives the ARP Request and responds with its MAC address information. It also updates its own ARP Cache with the address resolution information (the IP-to-MAC mapping) for Host A. This eliminates the need for Host B to send an ARP Broadcast of its own when it returns information. The fields are as follows:
Layer 3 Source IP Address: 192.168.1.200
Layer 3 Destination IP Address: 192.168.1.100
Layer 2 Source MAC Address: 0010:1111:2222
Layer 2 Destination MAC Address: 0010:1111:1111

Step 4: Host A can now send the original TCP SYN request. The packet has the following information:
Layer 3 Source IP Address: 192.168.1.100
Layer 3 Destination IP Address: 192.168.1.200
TCP Setting: SYN
Layer 2 Source MAC Address: 0010:1111:1111
Layer 2 Destination MAC Address: 0010:1111:2222

Step 5: Host B responds to the TCP SYN with a TCP SYN ACK:
Layer 3 Source IP Address: 192.168.1.200
Layer 3 Destination IP Address: 192.168.1.100
TCP Setting: SYN ACK
Layer 2 Source MAC Address: 0010:1111:2222
Layer 2 Destination MAC Address: 0010:1111:1111

Step 6: Host A completes the final phase of the TCP Three Way Handshake process by responding with an ACK:
Layer 3 Source IP Address: 192.168.1.100
Layer 3 Destination IP Address: 192.168.1.200
TCP Setting: ACK
Layer 2 Source MAC Address: 0010:1111:1111
Layer 2 Destination MAC Address: 0010:1111:2222
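
Steps 1 through 4 can be traced in code. The following is an added example, not part of the original post: it runs Host A's same-subnet check, builds the ARP request and reply as raw Ethernet frames, and updates both ARP caches. The 255.255.255.0 mask and all function names are assumptions; the IP and MAC addresses are the ones used above.

```python
import ipaddress
import struct

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_ARP = 0x0806

def mac(text):
    """Convert the page's 0010:1111:1111 notation to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def same_subnet(src_ip, dst_ip, mask):
    """Host A's check: is the destination inside my own network?"""
    net = ipaddress.ip_network(f"{src_ip}/{mask}", strict=False)
    return ipaddress.ip_address(dst_ip) in net

def arp_frame(op, eth_dst, sender_mac, sender_ip, target_mac, target_ip):
    """14-byte Ethernet header plus 28-byte ARP payload (op 1=request, 2=reply)."""
    eth = eth_dst + sender_mac + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # Ethernet, IPv4, lengths
    arp += sender_mac + ipaddress.ip_address(sender_ip).packed
    arp += target_mac + ipaddress.ip_address(target_ip).packed
    return eth + arp

def learn(cache, my_ip, frame):
    """Cache the sender's IP -> MAC pair if the ARP frame targets my_ip.
    The pair is taken on trust: ARP carries no authentication."""
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    if frame[38:42] != ipaddress.ip_address(my_ip).packed:
        return None
    cache[str(ipaddress.ip_address(frame[28:32]))] = frame[22:28]
    return struct.unpack("!H", frame[20:22])[0]  # opcode

def resolve_demo(mask="255.255.255.0"):  # mask is an assumption (/24)
    a_ip, a_mac = "192.168.1.100", mac("0010:1111:1111")
    b_ip, b_mac = "192.168.1.200", mac("0010:1111:2222")
    cache_a, cache_b = {}, {}
    if not same_subnet(a_ip, b_ip, mask):
        raise ValueError("different subnet: ARP for the default gateway instead")
    # Step 2: cache miss, so broadcast a request with an all-zero target MAC.
    request = arp_frame(1, BROADCAST, a_mac, a_ip, bytes(6), b_ip)
    learn(cache_b, b_ip, request)  # Step 3: Host B caches Host A's mapping
    # Step 3: unicast reply, addressed from Host B's freshly updated cache.
    reply = arp_frame(2, cache_b[a_ip], b_mac, b_ip, a_mac, a_ip)
    learn(cache_a, a_ip, reply)    # Host A can now fill in step 4's MAC
    return request, reply, cache_a, cache_b

if __name__ == "__main__":
    print(*resolve_demo(), sep="\n")
```

After the exchange, Host A's cache holds the entry it needs for the Layer 2 Destination MAC Address in step 4, and Host B already holds Host A's entry for steps 3 and 5.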

What if these devices were on different subnets? No problem. Host A would determine that, and engage in a similar address resolution process, but with the local router (default gateway) first. A later blog post will detail this process. Enjoy your entry-level Cisco studies!

Feb
05

Within the scope of Metro Ethernet services, it is often beneficial to provide customers with a "point-to-point" VLAN service, where a VLAN (in essence a multipoint service) is set up to emulate an Ethernet "pseudowire" by disabling MAC address learning. The benefit comes from saving address space in the metro switches' CAM tables, thus improving overall scalability (which is far from perfect with Ethernet). With learning disabled, the switch floods every frame in the VLAN to all other ports that carry it, which is the intended behavior for a point-to-point service.

There is a special command, mac address-table learning, available on Cisco Metro switches (e.g. ME 3400), which allows MAC address learning to be disabled per specific VLAN. However, many commonly used switches do not have this feature implemented. Still, there is a way to disable MAC address learning on a group of ports by using the RSPAN VLAN feature. By its functional design, an RSPAN VLAN does not learn MAC addresses. However, we are not allowed to assign this type of VLAN directly to switch access ports. We may overcome this issue by configuring the switchports as trunks with a single allowed VLAN (the RSPAN VLAN), which is also configured as the native VLAN:

vtp mode transparent
!
vlan 555
 remote-span
!
interface range Fa 0/1 - 3
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 555
 switchport trunk native vlan 555

This configuration is applicable to any switch that supports RSPAN functionality. Specifically, it was verified on the Catalyst 3550 series.
