Lab 5 Goals
● Understand Ethernet MAC addressing
● Understand Address Resolution Protocol
● Observe how Cisco® switches use MAC addresses
Requirements:
Cisco switch with Lab 1-3 configuration
2 PCs with Ethernet ports, one with COM port. IP addresses shown above.
Cisco rollover cable
2 Ethernet cables
Understanding Ethernet MAC addresses and frames is critical to managing Cisco switches. The CCNA exam will cover Layer 2 switching, and Ethernet MAC addressing is a critical component for the exam. The following points need to be memorized:
• Ethernet is a Layer 2 protocol.
• Ethernet addresses are composed of 48 bits, written as 12 hexadecimal digits.
An Ethernet address is composed of 2 parts:
• 24 bits (six hexadecimal digits) for vendor identification, also called the “Organizationally Unique Identifier”, or OUI
• 24 bits (six hexadecimal digits) for card or interface identification
Example: 00-19-D2-49-1E-ED
• 00-19-D2 is the vendor identifier for the card manufacturer, Intel
• 49-1E-ED is the card identifier
Each Ethernet device has the address permanently encoded on, or “burned in” to the card or interface. The MAC Address is also called the “BIA” or “burned-in address.” The BIA, or local address, is included in every Ethernet frame as the “source address”, or the address of the device transmitting the data.
Commands to display BIA MAC addresses:
- Windows: ipconfig /all
- Linux: ifconfig or ifconfig -a
- Cisco: show version, show interface Fa0/x
The display of the Ethernet MAC Address is different for each operating system (O/S)
- Windows: 00-19-D2-49-1E-ED
- Linux: 00:19:D2:49:1E:ED
- Cisco uses different formats: 00:19:D2:49:1E:ED or 0019.D249.1EED
Cisco gives each switch an overall Ethernet address, and each interface on the switch with a unique address based on the overall address. These addresses are displayed by the show version command, and the show interface Fa0/x command. The addresses are related, varying only in the last byte. The value of the last hexadecimal digits increments by the port number. Example:
Switch Ethernet Address : 00:0F:90:41:9B:00
Interface Fa0/1 : 000f.9041.9b01
Interface Fa0/2 : 000f.9041.9b02
Interface Fa0/3 : 000f.9041.9b03
.
Interface Fa012 : 000f.9041.9b0c
These addresses are critical to multi-switch networks for Spanning Tree (to follow soon), but are not important to the end devices (workstations, servers, routers, etc.) that use the switches. Cisco uses “transparent switching”, which was based on “transparent bridging”. “Transparent” means that the workstations, servers, and routers attached to a switch are unaware of the function of the switch infrastructure. They are only concerned with the MAC addresses of the end devices, not the switches that carry the data.
Switches use the same process to learn Ethernet addresses that all Ethernet devices use: reading the source address field of every Ethernet frame that it receives. A switch create a table of the known MAC addresses and the interfaces that support the connected devices. To display the MAC Address table:
testlabsw1# show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 000f.9041.9b00 STATIC CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0cdd.dddd STATIC CPU
1 0011.9354.7230 DYNAMIC Fa0/2
1 0018.18df.3281 DYNAMIC Fa0/1
402 0000.0c07.acc6 DYNAMIC Fa0/6
402 000e.0cc7.04d2 DYNAMIC Fa0/16
402 0012.1ea2.6cb0 DYNAMIC Fa0/19
402 0060.2e02.aee3 DYNAMIC Fa0/15
402 0080.8c02.70e1 DYNAMIC Fa0/23
402 00e0.1eae.cdc8 DYNAMIC Fa0/14
402 c288.6060.0d83 DYNAMIC Fa0/12
403 0000.0c07.ac03 DYNAMIC Fa0/3
403 000e.0c5c.d8b0 DYNAMIC Fa0/10
403 0010.db65.66c0 DYNAMIC Fa0/8
403 0018.19c1.0ac1 DYNAMIC Fa0/9
404 0011.9354.7241 DYNAMIC Fa0/4
410 0011.9354.7242 DYNAMIC Fa0/5
There are two types of addresses: Static and Dynamic. The “Static” addresses are internal to the switch. The “Dynamic” addresses are the MAC addresses of the devices connected to the ports. Our primary concern is the dynamic addresses. The switch learns addresses “dynamically” by reading the source addresses of frames that entered the switch. The switch uses these MAC addresses to create the MAC addresses table, or the list of addresses and the ports from which those addresses entered the switch. The switch then uses the MAC address table to deliver, or forward, data. The switch reads the Destination Address in each Ethernet frame, and delivers the data to the port associated with the Ethernet address. A example from the above table:
403 0000.0c07.ac03 DYNAMIC Fa0/3
403 000e.0c5c.d8b0 DYNAMIC Fa0/10
403 0010.db65.66c0 DYNAMIC Fa0/8
403 0018.19c1.0ac1 DYNAMIC Fa0/9
The process of delivering an Ethernet frame to the correct port is called “Frame Forwarding”. The process:
- The computer on FA0/3 creates a frame of data with the MAC address of the destination device: 0018.19c1.0ac1, in the Destination field.
- The computer puts its own MAC address in the Source field: 0000.0c07.ac03
- The source computer sends the Ethernet frame to the switch.
- The switch reads the destination address field, 0018.19c1.0ac1
- The switch then checks the MAC address table to find the interface for that device: Fa0/9
- The switch forwards the Ethernet frame to interface Fa0/9
MAC Address learning
If a new device with MAC address 0071.0c24.bd03 is connected to interface Fa0/7, the switch will have no information about the device until it transmits data for the first time. When the new device transmits data the first time,
- the switch reads the source address in the Ethernet frame
- the switch checks the MAC Address Table to see if the MAC address exists in the table. It does not.
Since it is a new device, the switch does not have the address in the MAC Address table for it. When the device transmits data for the first time, the switch will create a new entry in the MAC address table:
403 0071.0c24.bd03 DYNAMIC Fa0/7
The switch uses this information to deliver data to this device.
Exercise:
Before starting the lab, configure two PCs with the IP addresses shown in the diagram: 192.168.1.2 255.255.255.0 and 192.168.1.3 255.255.255.0. Do not connect the PCs to the Ethernet ports on the switch until Step 4 below.
1.Use the console connection, display the switch internal MAC address:
testlabsw1#show version
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA6, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by cisco Systems, Inc.
.
(lines omitted)
.
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:09:43:CB:30:00
Motherboard assembly number: 73-5781-09
.
(lines omitted)
Record the switch MAC Address: ____________________________
Note: Packet Tracer does not report on the internal switch MAC addresses in the show mac-address-table display. While this feature makes it easier to identify MAC addresses, be aware that it is not a normal display for an actual switch. The Packet Tracer display is more like show mac-address-table dynamic. If you are using a real switch, the dynamic display will be more useful for this lab.
If there are dynamically learned MAC address, clear the MAC address table, and verify no dynamic MAC addresses are in the table.
labsw1# clear mac-address-table dynamic
3. Display and record the MAC addresses of PC1 and PC2, using the ipconfig /all command:
PC1: __________________________
Port: _________________
PC2: __________________________
Port: ________________
4. Using Ethernet cables, connect PC1 and PC2 to labsw1. The lights on the interfaces should turn green, indicating that the connections are good. Record the interfaces above (Fa0/1, Fa0/2, etc.) Using the console connection, verify that the PC MAC addresses do not appear in the MAC Address table:
testlabsw1#sho mac-address-table dymanic
Mac Address Table
-------------------------------------------
If there are addresses in the table, clear the MAC Address Table
clear mac-address-table dynamic
5. From PC1, ping the IP address of PC2:
C:>\ping 192.168.1.3
6. After the ping has completed successfully, display the MAC address table again. The MAC addresses of PC1 and PC2 should be in the MAC Address table, as well as the interfaces used.
labsw1#sho mac-address-table
So how did it work? You should see both MAC addresses listed in the MAC Address Table. Make sure you understand this process.
ARP - Address Resolution Protocol
When you issued the ping from PC1 for the first time, you probably got a response like this:
Request timed out.
Reply from 192.168.1.3: bytes=32 time=16ms TTL=255
Reply from 192.168.1.3: bytes=32 time=31ms TTL=255
Reply from 192.168.1.3: bytes=32 time=32ms TTL=255
The first reply is where the entire process of MAC Address learning happened. The process:
1.The ping command is typed and entered: ping 192.168.1.3. The system will issue four ping commands, with 5 second timeout between each unsuccessful ping. The timer starts for the first ping.
2.PC1 checks its ARP cache to find the MAC address for 192.168.1.3. (Windows command: arp –a). There is no entry for 192.168.1.3.
3.PC1 needs to get a MAC address for 192.168.1.3. To learn the address, PC1 issued an ARP (Address Resolution Protocol). An ARP request is a broadcast frame that says “Who has IP address 192.168.1.3?” The Ethernet frame from PC1 has all “1’s” in the Destination Address field (broadcast) and its own MAC address in the Source Address field: 0010.11d7.d0c0.
4.While the ARP request is processing, so does timer for the ping.
5.Switch labsw1 reads the ARP request and learns that MAC address 0010.11d7.d0c0 is on interface FA0/1.
6.Switch labsw1 updates the MAC Address table with
1 0010.11d7.d0c0 DYNAMIC Fa0/1
7.Switch labsw1 then forwards the ARP broadcast out all active interfaces (up, up), except for FA0/1. In this case, only FA0/2 is "up, up".
8.PC2 sees the ARP request, knows that it has IP address 192.168.1.3, and replies back to PC1 to notify PC1 that it has the requested IP address. It uses the PC1 MAC address for the destination, and its own MAC address for the source Address: 00D0.BA00.D536. The frame is transmitted to switch labsw1.
9.Switch labsw1 reads the source MAC address table and discovers that the MAC address for PC2 is new. The switch updates the MAC Address Table with the PC2 MAC address on interface FA0/2:
1 00d0.ba00.d536 DYNAMIC Fa0/2
10.Now switch labsw1 has a MAC Address Table that looks like:
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0010.11d7.d0c0 DYNAMIC Fa0/1
1 00d0.ba00.d536 DYNAMIC Fa0/2
11. Switch labsw1 reads the Destination Address field and finds MAC Address 0010.11d7.d0c0. Switch labsw1 reads the MAC Address table and sees that 0010.11d7.d0c0 is on interface FA0/1.
12.Switch labsw1 forwards the Ethernet frame out interface FA0/1.
13.By now, the first ping request has timed out. It returns
Request timed out.
14.PC1 now has a MAC address for PC2. PC1 creates the second ping request using the MAC address of PC2 as the Destination MAC address. PC1 transmits the frame to switch labsw1.
15.Switch labsw1 looks at the Destination MAC Address, refers to the table, and transmits the frame out interface FA0/2.
16.PC2 sees the ping request from PC1, creates a reply using PC1’s MAC address as the destination and its own address as the source. PC2 transmits the reply to labsw1.
17.Labsw1 forwards the reply to PC1 based on the MAC address table.
18.This process is repeated until PC1 has issued all of the ping requests. Since all devices: PC1, PC2 and labsw1, know about the MAC addresses, each ping and reply is processed in less than 2 seconds, and the requests do not time out.
Reply from 192.168.1.3: bytes=32 time=16ms TTL=255
Reply from 192.168.1.3: bytes=32 time=31ms TTL=255
Reply from 192.168.1.3: bytes=32 time=32ms TTL=255
Summary
Two critical processes have been demonstrated in Lab 5:
Address management: address learning, MAC address updates, data forwarding
ARP: Address Resolution Protocol
These are critical processes, both for the CCNA® exam, as well as for managing a Cisco network. Repeat this lab as often as needed to fully understand these processes.
