Lab – Using IOS CLI with Switch MAC Address Tables
Lab – Viewing the Switch MAC Address Table
Topology
Addressing Table
Device |
Interface |
IP Address |
Subnet Mask |
Default Gateway |
S1 |
VLAN 1 |
192.168.1.11 |
255.255.255.0 |
N/A |
S2 |
VLAN 1 |
192.168.1.12 |
255.255.255.0 |
N/A |
PC-A |
NIC |
192.168.1.3 |
255.255.255.0 |
N/A |
PC-B |
NIC |
192.168.1.2 |
255.255.255.0 |
N/A |
Objectives
Part 1: Build and Configure the Network
Part 2: Examine the Switch MAC Address Table
Background / Scenario
The purpose of a Layer 2 LAN switch is to deliver Ethernet frames to host devices on the local network. The switch records host MAC addresses that are visible on the network, and maps those MAC addresses to its own Ethernet switch ports. This process is called building the MAC address table. When a switch receives a frame from a PC, it examines the frame’s source and destination MAC addresses. The source MAC address is recorded and mapped to the switch port from which it arrived. Then the destination MAC address is looked up in the MAC address table. If the destination MAC address is a known address, then the frame is forwarded out of the corresponding switch port associated with that MAC address. If the MAC address is unknown, then the frame is broadcasted out of all switch ports, except the one from which it came. It is important to observe and understand the function of a switch and how it delivers data on the network. The way a switch operates has implications for network administrators whose job it is to ensure secure and consistent network communication.
Switches are used to interconnect and deliver information to computers on local area networks. Switches deliver Ethernet frames to host devices identified by network interface card MAC addresses.
In Part 1, you will build a multi-switch topology with a trunk linking the two switches. In Part 2, you will ping various devices and observe how the two switches build their MAC address tables.
Note: The switches used are Cisco Catalyst 2960s with Cisco IOS Release 15.0(2) (lanbasek9 image). Other switches and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and output produced might vary from what is shown in the labs.
Note: Make sure that the switches have been erased and have no startup configurations. If you are unsure contact your instructor.
Required Resources
2 Switches (Cisco 2960 with Cisco IOS Release 15.0(2) lanbasek9 image or comparable)
2 PCs (Windows 7 or 8 with terminal emulation program, such as Tera Term)
Console cables to configure the Cisco IOS devices via the console ports
Ethernet cables as shown in the topology
Note: The Fast Ethernet interfaces on Cisco 2960 switches are autosensing and an Ethernet straight-through cable may be used between switches S1 and S2. If using another model Cisco switch, it may be necessary to use an Ethernet crossover cable.
Build and Configure the Network
Cable the network according to the topology.
Configure PC hosts.
Initialize and reload switches as necessary.
Switch#delete flash:vlan.dat
Switch#erase startup-config
Switch#reload
Configure basic settings for each switch.
Configure device name as shown in the topology.
Configure IP address as listed in Addressing Table.
Assign
cisco as the console and vty passwords.
Assign
class as the privileged EXEC password.
Switch(config)#hostname S1
S1(config)#interface vlan 1
S1(config-if)#ip address 192.168.1.11 255.255.255.0
S1(config-if)#no shutdown
S1(config)#line console 0
S1(config-line)#password cisco
S1(config-line)#login
S1(config-line)#line vty 0 15
S1(config-line)#pass cisco
S1(config-line)#login
S1(config-line)#exit
S1(config)#enable secret class
Examine the Switch MAC Address Table
A switch learns MAC addresses and builds the MAC address table, as network devices initiate communication on the network.
Record network device MAC addresses.
Open a command prompt on PC-A and PC-B and type
ipconfig /all. What are the Ethernet adapter physical addresses?
PC-A MAC Address: __The MAC address in this example is 00-50-56-B3-27-D6._________________________________________________________________
PC-B MAC Address: __________The MAC address in this example is 00-50-56-B3-FF-54._________________________________________________________
Console into switch S1 and S2 and type the
show interface F0/1 command on each switch. On the second line of command output, what is the hardware addresses (or burned-in address [bia])?
S1 Fast Ethernet 0/1 MAC Address: _____S1F0/1_________________________________________________
S2 Fast Ethernet 0/1 MAC Address: _____0cd9.96d2.3f81._________________________________________________
S1# show interface f0/1
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 001a.e3cf.b883 (bia 001a.e3cf.b883)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
<output omitted>
S2# show interface f0/1
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0025.83e6.9081 (bia 0025.83e6.9081)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
<output omitted>
Display the switch MAC address table.
Console into switch S2 and view the MAC address table, both before and after running network communication tests with ping.
Establish a console connection to S2 and enter privileged EXEC mode.
In privileged EXEC mode, type the
show mac address-table command and press Enter.
S2#
show mac address-table
Even though there has been no network communication initiated across the network (i.e., no use of ping), it is possible that the switch has learned MAC addresses from its connection to the PC and the other switch.
Are there any MAC addresses recorded in the MAC address table?
The switch may have one or more MAC addresses in its table, based on whether or not the students entered a ping command when configuring the network. The switch will most likely have learned MAC addresses through S1’s F0/1 switch port. The switch will record multiple MAC addresses of hosts learned through the connection to the other switch on F0/1
.
What MAC addresses are recorded in the table? To which switch ports are they mapped and to which devices do they belong? Ignore MAC addresses that are mapped to the CPU.
The MAC address table might contain several MAC addresses, particularly those acquired through the F0/1 switch port of S1. In the provided output example, the MAC address of S1’s F0/1 and PC-A are associated with S2’s F0/1.
If you had not previously recorded MAC addresses of network devices in Step 1, how could you tell which devices the MAC addresses belong to, using only the output from the
show mac address-table command? Does it work in all scenarios?
The result from executing the “show mac address-table” command indicates the port where the MAC address was discovered. Typically, this helps identify the network device associated with the MAC address, except when multiple MAC addresses are linked to a single port. This occurrence arises when switches are interconnected, recording all MAC addresses for devices connected to the interconnected switch.
Clear the S2 MAC address table and display the MAC address table again.
In privileged EXEC mode, type the
clear mac address-table dynamic command and press
Enter.
S2#
clear mac address-table dynamic
Quickly type the
show mac address-table command again. Does the MAC address table have any addresses in it for VLAN 1? Are there other MAC addresses listed?
Wait 10 seconds, type the
show mac address-table command, and press Enter. Are there new addresses in the MAC address table? __________________
No. The student will most likely discover that the MAC address for the other switch’s F0/1 switch port has been quickly reinserted in the MAC address table.
From PC-B, ping the devices on the network and observe the switch MAC address table.
From PC-B, open a command prompt and type
arp -a. Not including multicast or broadcast addresses, how many device IP-to-MAC address pairs have been learned by ARP?
The ARP cache may have no entries in it, or it may have the gateway IP address to MAC address mapping.
C:\Users\PC-B>
arp –a
Interface: 192.168.1.2 — 0x6
Internet Address Physical Address Type
192.168.1.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
255.255.255.255 ff-ff-ff-ff-ff-ff static
From the PC-B command prompt, ping PC-A, S1, and S2. Did all devices have successful replies? If not, check your cabling and IP configurations. Yes
From a console connection to S2, enter the
show mac address-table command. Has the switch added additional MAC addresses to the MAC address table? If so, which addresses and devices?
There may only be one additional MAC address mapping added to the table, most likely the MAC address of PC-A.
From PC-B, open a command prompt and retype
arp -a. Does the PC-B ARP cache have additional entries for all network devices that were sent pings?
ARP cache on PC-B should have more entries
Reflection
On larger networks, the dynamic building of ARP caches and MAC address tables can pose several challenges.
1.
Increased Traffic: With a higher number of devices, there is more network traffic generated as devices communicate and broadcast ARP requests to discover each other’s MAC addresses. This can lead to increased network congestion.
2.
Table Size: As the network grows, the size of MAC address tables on switches and ARP caches on devices also increases. Managing and maintaining extensive tables becomes more complex and resource-intensive.
3.
Broadcast Storms: Larger networks are more susceptible to broadcast storms, where a broadcast message generates a high volume of traffic, potentially overwhelming the network and degrading performance.
4.
Address Resolution Delay: With a larger number of devices, the time taken for address resolution (mapping IP addresses to MAC addresses) may increase, leading to potential delays in communication.
© 2024 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page
1 of
10
© 2024 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page
5 of
10