On 6/19/2007 10:31 PM, Greg Scott wrote:
More fundamentally, can I cascade these switches and my bridge/firewall this deep? How do the Internet router and internal servers find each others' MAC addresses when they are 4 "hops" (OSI layer 2 hops) separated? Or am I making this too complicated?
Yes, you probably can cascade the switches like that, though I question is that what you really want to do or not.
As you have indicated, the switches operate at (OSI) layer 2. Thus they pass (sans filtering) any and all non-broadcast traffic that they do not know the destination for out all ports except for the one that it came in on. At least this is the standard operating procedure of most switches.
Seeing as how ARP requests are broadcast they are forwarded out all interfaces except for the one they come in. So, if you ARP on one switch, it will forward it to the next switch, which will in turn forward it on to the next, and so on until there are no more ports to forward the traffic out. ARP replies are unicast from the MAC of the ARPed system back to the ARPing system. This return path is when the intermediary switches learn of the MAC address of the ARPed system. So, subsequent packets to the ARPed system will pass out the switches based on the target MAC address which was previously learned during the ARP.
Incidentally, this is why some systems, especially load balancers and the likes, will send out a "Gratuitous ARP" (a.k.a. GARP) packet to pre-populate (if you will) the switches (MAC) address table(s).
Hope that helps shed some light on the subject. Grant. . . . _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
