Tuesday, June 12, 2012

Unicast flooding - Follow up


Unicast Flooding with Asymmetric routing

As a follow-up to the post on unicast flooding, let's take the scenario below (diagram taken from the Cisco website). Here, Server 1 (S1) is in VLAN 1 and Server 2 (S2) is in VLAN 2, and they are connected to two different switches. S1 is connected to SW1 on int f1/1 and S2 is connected to SW2 on int f1/1. The two switches are connected to each other over a .1Q trunk carrying both VLANs on int f1/24 on both switches. Router A and Router B are doing routing for both VLANs (router-on-a-stick). Router A is connected to SW1 on int f1/23 and Router B is connected to SW2 on int f1/23. Router A is the gateway for server S1 and Router B is the gateway for server S2.



Now, when traffic passes from S1 to S2, the following path will be used:

S1 (Vlan 1) – SW1 – Router A – Vlan 2 – SW2 – S2 (Vlan 2)

The reverse path will be:

S2 (Vlan 2) – SW2 – Router B – Vlan 1 – SW1 – S1 (Vlan 1)

Let us analyze why there will be unicast flooding each time a packet travels between S1 and S2.

Scenario 1: Traffic traverses from S1 to S2
Here, S1 knows that the destination address is not in its subnet and hence needs to ARP for its own gateway (Router A, VLAN 1). It will send the packet to Router A's VLAN 1 interface. Router A in turn needs to send the packet to S2, which is in the network connected to its VLAN 2 interface. So it will use its VLAN 2 MAC as the source and will ARP for the MAC of S2. The ARP reply will come from the trunk port. Router A will then send the packet directly to S2. This packet will be sent to SW1 on interface f1/23, but since SW1 has no MAC entry for S2, the packet will be flooded to each port except the source port. SW2 will receive this packet on the trunk port, learn the MAC of Router A's VLAN 2 interface and store it in the CAM against the trunk port. However, it does not have a CAM entry for S2 and hence it will also resort to unicast flooding. So far, the following MAC learning has been done:

On SW1
For the S1 MAC address on interface f1/1
For the Router A VLAN 2 MAC on interface f1/23

On SW2
For the Router A VLAN 2 MAC on interface f1/24

Scenario 2: Return traffic from S2 to S1
On the return side, S2 needs to send the traffic to S1, which is not in its subnet, hence S2 will ARP for its own gateway, which is Router B's VLAN 2 interface, and send the traffic to it. Router B will receive the traffic and, realizing that it has a route, will ARP for S1, receive the reply on VLAN 1 and send the packet to S1. This packet will be sent to SW2 on interface f1/23. SW2 will learn the Router B VLAN 1 MAC on interface f1/23; however, it does not have a MAC entry for S1 and hence SW2 will resort to unicast flooding. This packet will be received on SW1 on interface f1/24 and SW1 will learn the MAC of Router B's VLAN 1 interface on this interface. This time around, SW1 has the CAM entry for S1 and hence the packet will be unicast and not flooded. During this phase, the following MAC learning has been done:

On SW2
For the Router B VLAN 1 MAC on interface f1/23
For the S2 MAC (VLAN 2) on interface f1/1

On SW1
For the Router B VLAN 1 MAC on interface f1/24

As we can see, SW1 never learns the MAC of S2, hence every forward packet will be unicast flooded into VLAN 2. Similarly, SW2 never learns the MAC of S1, hence every return packet will be unicast flooded into VLAN 1.
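
The walk-through above can be replayed as a small CAM-learning simulation. This is an added example, not part of the original post or of the Cisco document. Assumptions: the MAC labels (RA-v1, RA-v2, RB-v1, RB-v2) are placeholders, only the data frames are modelled (no ARP frames, no CAM aging), and each switch is pre-seeded with its local gateway's MAC.

```python
TRUNK = "f1/24"  # inter-switch .1Q trunk, as in the post

class Switch:
    def __init__(self, name, port_vlans):
        self.name = name
        self.port_vlans = port_vlans  # port -> set of VLANs carried
        self.cam = {}                 # (vlan, mac) -> port
        self.flooded = []             # (vlan, dst) per flooded unicast frame
        self.peer = None              # switch at the far end of TRUNK

    def receive(self, port, vlan, src, dst):
        self.cam[(vlan, src)] = port          # learn the source MAC
        out = self.cam.get((vlan, dst))
        if out is None:                       # unknown unicast: flood the VLAN
            self.flooded.append((vlan, dst))
            outs = [p for p, v in self.port_vlans.items()
                    if vlan in v and p != port]
        else:
            outs = [out]
        if TRUNK in outs:                     # frame crosses to the other switch
            self.peer.receive(TRUNK, vlan, src, dst)

def simulate(rounds):
    sw1 = Switch("SW1", {"f1/1": {1}, "f1/23": {1, 2}, TRUNK: {1, 2}})
    sw2 = Switch("SW2", {"f1/1": {2}, "f1/23": {1, 2}, TRUNK: {1, 2}})
    sw1.peer, sw2.peer = sw2, sw1
    # Assumption: local gateway MACs are already in the CAM tables.
    sw1.cam[(1, "RA-v1")] = "f1/23"
    sw2.cam[(2, "RB-v2")] = "f1/23"
    for _ in range(rounds):
        sw1.receive("f1/1", 1, "S1", "RA-v1")   # S1 -> its gateway, Router A
        sw1.receive("f1/23", 2, "RA-v2", "S2")  # Router A routes into VLAN 2
        sw2.receive("f1/1", 2, "S2", "RB-v2")   # S2 -> its gateway, Router B
        sw2.receive("f1/23", 1, "RB-v1", "S1")  # Router B routes into VLAN 1
    return sw1, sw2

if __name__ == "__main__":
    for sw in simulate(3):
        print(sw.name, "CAM:", sorted(sw.cam.items()))
        print(sw.name, "flooded (vlan, dst):", sw.flooded)
```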

As always, I can be wrong so any corrections/suggestions welcome.
