I know that when a divice on a LAN sends a frame to another device on the same network it first uses arp to find the mac address then sends the frame. The switch recieves the frame, observes the destination mac address on the frame then forwards it accordingly.
But what if the frame arrives from a device outside the network? That device would not know the mac address of the destination device so when the frame gets to the switch it does not contain a destination mac address only the destination ip address in the packet. How does the switch know where to send the frame?
That is where routing comes in. Once the frame goes to the router and notices the IP address is not in it's own network, it checks its routing table to see which interface to send the information out of. Once the correct network is found, the switch on the correct network checks its ARP table for the destination addresses. If it does not know the MAC address of the destination, it sends out a broadcast message, waits for a response, then forwards the data properly.
So you're saying that when the switch receives the frame containing no destination mac address it sends out an arp broadcast to determine the mac address associated with the ip address in the packet?
Roger, the frame will have a destination MAC address. The gateway for the LAN, where the packet enters from, will perform the ARP to find the MAC address of the destination host and address the frame accordingly.
Its like the opposite of a packet from your host going to a destination outside your network. The host does not know the destination MAC address for the frame, only that the destination is on another network. Therefore, it addresses the frame (layer 2) to it's default gateway's MAC so the gateway can handle the packet accordingly.
Slightly off topic: Each frame is going to have an address, whether unicast, multicast, or broadcast. If a switch receives a frame for which it does not know the port that the destination is attached to, it floods the frame out all ports (except the one the frame arrived from).
That is correct Roger. The packet needs to have either an IP address or a MAC address to communicate. If it doesn't have a MAC address, then the switch uses its ARP table. If the IP address is on a different network, then the router will realize this and send a message back to the switch.
(I hope I have that part about the router correct)
Thanks John & ESummers but there seems to be a little conflict between the two answers I've gotten so far.
Is it the 'SWITCH' that sends out the arp broadcast in order to determine the destination mac address or does the 'ROUTER' do it and then forward the frame to the switch with the newly discovered destination mac address attached?
The switch sends out the ARP broadcast.
The router also has its own ARP table, so once it sees the destination IP address is not on its network, it responds to the switch letting it now this. The switch then sends the packet to the router with the destination IP address of the remote client and the MAC adderss of the router.
Layer 2 Switches do three things: Flood, Forward, or Filter. They do not originate ARP broadcasts. When a router receives a packet from an external source, It strips the L2 frame and examines the L3 packet. It looks at the destination ip address and if it for a local network it will check the ip address against it's arp table. If there is not an entry for that address the router will send out the an arp broadcast and will wait for a reply.
When the router receives the reply it will put the entry in its arp table for future use and encapsulation the L3 packet into a L2 frame and send the frame onto the wire. When the switch receives the frame it will look at the source MAC address and if it is not in its MAC table it will put the source MAC address and port number for that address in its MAC table for future use.
Then it looks at the destination MAC address. If the MAC address is in the MAC table it will forward the frame to the destination port. If the destination MAC address is not in the MAC table it will flood the frame out all ports except the port the frame came in on.
A switch is not going to receive a frame without a destination MAC address.
The device performing the routing for the network will ARP for the MAC. In the academic sense, it will be the router. However, "router" can be a router or a "layer 3 switch". (reminder a layer 3 switch is simply a switch that can also perform routing functions in this discussion).
Let's say you have a router connected to the internet. You want to connect several devices, stop you connect a switch (a regular ol' layer 2 switch) to the router, and connect all of your hosts to the switch. In this case, the router will perform ARP for any incoming packet drained for your hosts. The switch will simply switch the packets based on MAC (layer 2) address.
Oops, yes you are right.
I really have no idea what in the world I was thinking. Sorry for the confusion everyone.