Re: Bridging VLANs by looping cable

From: Carlos G Mendioroz (tron@huapi.ba.ar)
Date: Wed Aug 01 2007 - 17:23:05 ART


ARP is the only way to know the L2 destination for a packet in Ethernet.
And it will traverse both VLANs with no trouble.
You will use ARP even when no routers are involved. In fact, one way
of (not) configuring the default gateway is by proxy ARPing, i.e.,
asking via ARP even for destinations not on the same segment.
(Done on some OSs by setting the default gateway to self)

CAM table at the switch depends on the switch. Story goes that the 1900
does not link the learned MACs to vlans, only one table, bad thing.
(But it may even work because, story goes, the 1900 can vlan jump
because of that, I have not tested this myself).

-Carlos

Ben @ 31/07/2007 13:08 -0300 dixit:
> Hi Ivan,
>
> You are right, when talking about a router. I assumed we were dealing with
> PC hosts. Microsoft and Unix hosts tend to add a default route (check with
> "route print") in their local routing tables the minute you configure them
> with an IP address. Hence the arp resolution attempt for all destinations.
>
> Ben
>
>
>
> On 7/31/07, Ivan <ivan@iip.net> wrote:
>> Hello Ben !
>>
>> A host sends an ARP broadcast only if the host is directly connected. If there is no
>> network in RIB, the host will not send ARP. You must revise your concept.
>>
>> On Tuesday 31 July 2007 17:23, Ben wrote:
>>> Just when i thought I had it figured. What happens at ARP level?
>>>
>>> Just to break it down.
>>>
>>> 1. Host in vlan1 sends ARP broadcast.
>>> 2. broadcast flooded to all vlan1 ports, including port with cable
>>> interconnecting vlan1 to vlan2.
>>> 3. afaik, vlan2 port should drop the broadcast. Now I'm not sure what
>>> happens at this stage.
>>>
>>> assuming we put aside our routing knowledge for a moment:
>>>
>>> 4. If broadcast flooded through vlan2, destination host receives it and
>>> unicasts its IP back.
>>> 5. Unknown unicast flooded to all vlan2 ports including interconnection
>>> port.
>>> 6. Host in vlan1 caches entry and sends unicast data. Or does it? When it
>>> detects the source as being from another IP subnet, shouldn't it drop the
>>> arp response packet? If from same subnet, it will accept the entry.
>>> 7. If same subnet, indeed they should communicate. If not, I'm not sure what
>>> happens next.
>>>
>>> Perhaps someone else can demystify this communication further.
>>>
>>> Ben
>>>
>>> On 7/31/07, Carlos G Mendioroz <tron@huapi.ba.ar> wrote:
>>>> Hmm, you are in for a surprise if you think so.
>>>> Yes, this works, and there are some setups where this may prove useful.
>>>> Like some switches that only support one private vlan promiscuous port
>>>> and you need to connect a couple.
>>>> Or some restrictions on where you can rate limit on some architectures.
>>>> (E.g. you can go to a real L3 interface from a L2 access)
>>>>
>>>> Nothing really clean, and I would not recommend doing that anywhere, but
>>>> works... like most hacks.
>>>>
>>>> -Carlos
>>>>
>>>> Ben @ 31/07/2007 07:13 -0300 dixit:
>>>>> Martijn,
>>>>>
>>>>> VLANs by design confine traffic to the vlan, unless it has been routed
>>>>> across to another vlan. Merely connecting a cable between two VLANs
>>>>> therefore does not circumvent this behavior, even if hosts in the two vlans
>>>>> use the same IP subnet.
>>>>>
>>>>> Ben
>>>>>
>>>>> On 7/31/07, martijn <groupstudy@martijnj.nl> wrote:
>>>>>> Lim,
>>>>>>
>>>>>> i needed to laugh a little at first. Never tried.
>>>>>>
>>>>>> Not THE answer, I think you need to test.
>>>>>>
>>>>>> let's break up your q's.
>>>>>>
>>>>>>> done before?
>>>>>> No.
>>>>>>
>>>>>>> Can a host on VLAN359 now communicate with a host on VLAN360?
>>>>>> After i read your post thrice, i see you want to do it @ one switch. when i
>>>>>> want to do comms with an host it starts with ip, if that is not local
>>>>>> (logical AND) I go for the default gateway. Do your pc's have
>>>>>> one?????????????
>>>>>>
>>>>>> When I look to your Q from another angle, say mac-addr table, (never tested,
>>>>>> group?) I would say mac-addr binding goes to direct connected port first,
>>>>>> after that I assume that the link would form a L2 link between vlan's. Any
>>>>>> takes?
>>>>>>
>>>>>> martijn
>>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: "Toh Soon, Lim" <tohsoon28@gmail.com>
>>>>>> To: <ccielab@groupstudy.com>
>>>>>> Sent: Tuesday, July 31, 2007 9:43 AM
>>>>>> Subject: Bridging VLANs by looping cable
>>>>>>
>>>>>>> Hi All,
>>>>>>>
>>>>>>> This may sound simple and mundane but for curiosity sake, I need to seek
>>>>>>> clarification.
>>>>>>>
>>>>>>> Has anyone tried "bridging" two VLANs by looping a cable to the same
>>>>>>> switch?
>>>>>>> E.g. in the following diagram:
>>>>>>>
>>>>>>> Gi0/1(VLAN359)----
>>>>>>>
>>>>>>>
>>>>>>> Gi0/2(VLAN360)----
>>>>>>>
>>>>>>> The same cable connects to interfaces Gi0/1 (VLAN359) and Gi0/2 (VLAN360).
>>>>>>>
>>>>>>> Can a host on VLAN359 now communicate with a host on VLAN360?
>>>>>>>
>>>>>>> What's the implication doing this, e.g. from STP point of view? Is it
>>>>>>> recommended at all?
>>>>>>>
>>>>>>> Any advice is appreciated.
>>>>>>>
>>>>>>>
>>>>>>> Thank you.
>>>>>>>
>>>>>>> B.Rgds,
>>>>>>> Lim TS
>>>>>>> _______________________________________________________________________
>>>>>>> Subscription information may be found at:
>>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>> --
>>>> Carlos G Mendioroz <tron@huapi.ba.ar> LW7 EQI Argentina

-- 
Carlos G Mendioroz  <tron@huapi.ba.ar>  LW7 EQI  Argentina
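
Added example, not part of the original message or thread: a simplified Python model of the ARP exchange discussed above, for a switch that keeps a separate MAC table per VLAN, with the cable looped between Gi0/1 (VLAN359) and Gi0/2 (VLAN360). The host ports Gi0/3 and Gi0/4 and the MAC addresses are constructed, and STP is ignored. It also shows the table symptom an audit can look for: the same host MAC learned in both VLANs.

```python
# Added example: simplified model of a learning switch with one MAC table
# per VLAN. Host ports Gi0/3, Gi0/4 and both MACs are constructed values.
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST_A, HOST_B = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"  # constructed MACs

class Switch:
    def __init__(self, access_vlan, cable):
        self.access_vlan = access_vlan          # port -> access VLAN
        self.cable = {**cable, **{b: a for a, b in cable.items()}}
        self.cam = {}                           # (vlan, mac) -> port
        self.delivered = []                     # (host port, src, dst)

    def receive(self, port, src, dst):
        vlan = self.access_vlan[port]           # untagged frame joins the ingress port's VLAN
        self.cam[(vlan, src)] = port            # source learning, per VLAN
        known = self.cam.get((vlan, dst))
        if dst == BROADCAST or known is None:   # flood inside this VLAN only
            egress = [p for p, v in self.access_vlan.items()
                      if v == vlan and p != port]
        else:
            egress = [known] if known != port else []
        for p in egress:
            if p in self.cable:                 # leaves untagged, re-enters on the far port
                self.receive(self.cable[p], src, dst)
            else:
                self.delivered.append((p, src, dst))

def arp_exchange():
    sw = Switch({"Gi0/1": 359, "Gi0/2": 360, "Gi0/3": 359, "Gi0/4": 360},
                {"Gi0/1": "Gi0/2"})
    sw.receive("Gi0/3", HOST_A, BROADCAST)      # ARP request from host A (VLAN 359)
    sw.receive("Gi0/4", HOST_B, HOST_A)         # unicast ARP reply from host B (VLAN 360)
    return sw

def macs_in_multiple_vlans(sw):
    """Audit check: a host MAC learned in more than one VLAN indicates an L2 leak."""
    seen = defaultdict(set)
    for vlan, mac in sw.cam:
        seen[mac].add(vlan)
    return {mac: sorted(v) for mac, v in seen.items() if len(v) > 1}

if __name__ == "__main__":
    sw = arp_exchange()
    for entry in sorted(sw.cam.items()):
        print(entry)
    print(macs_in_multiple_vlans(sw))
```

In this model the reply is a known unicast rather than a flood, because host A's MAC was already learned in VLAN 360 on Gi0/2 when the request crossed the cable.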


This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:09 ART