Ethernet Switching
SapphireNET

Unknown unicast forwarding

Hi all,

I was wondering about the unknown unicast forwarding.

Will ARP requests go to all other ports or only the upstream trunk port?

Anywhere with more information on this?

JNCIS-M, JNCIS-SEC
BuckWeet

Re: Unknown unicast forwarding

Ethernet switches by default are supposed to forward all unknown destinations out all ports. This is known as unicast flooding. On some switches you can define a particular link to be the destination port for all unknown MAC addresses.

aarseniev

Re: Unknown unicast forwarding

Hello,
Unicast flooding happens when a MAC address entry expires in the switch's MAC address table but the ARP entry is still valid in the transmitting host's ARP table.
You can rate-limit unknown unicast traffic with the storm-control feature in EX Series switches:
http://www.juniper.net/techpubs/en_US/junos9.5/topics/example/rate-limiting-storm-control-configurin...
And ARP requests are generally broadcast. On some kit (e.g. Cisco IOS routers if my memory serves) when the "clear ip arp" command is entered, the kit sends out unicast ARP requests to refresh the ARP entries.
HTH
Rgds
Alex

___________________________________
Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
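
To illustrate the aging mismatch described in the reply above, here is an added Python sketch (not part of the thread and not Junos code): a toy learning switch whose MAC aging timer is shorter than the sending host's ARP timeout. The timer values, port numbers and MAC addresses are constructed assumptions, and the receiving host is assumed to stay silent except for ARP replies.

```python
# Added illustration; timers, ports and MAC addresses are constructed values.
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST_A, HOST_B = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"  # documentation MACs

@dataclass
class LearningSwitch:
    ports: tuple
    mac_age: int                                # seconds a learned MAC stays valid
    table: dict = field(default_factory=dict)   # mac -> (port, last_seen)

    def receive(self, now, in_port, src, dst):
        """Learn the source MAC, then return (kind, egress_ports)."""
        self.table[src] = (in_port, now)
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return "broadcast", others
        entry = self.table.get(dst)
        if entry and now - entry[1] < self.mac_age:
            return "known-unicast", [entry[0]]
        self.table.pop(dst, None)               # aged out or never learned
        return "unknown-unicast", others        # flooded like a broadcast

def simulate(mac_age=300, arp_age=1200, duration=1500, step=60):
    """A (port 1) sends to B (port 2) every `step` s; B only answers ARP."""
    sw = LearningSwitch(ports=(1, 2, 3, 4), mac_age=mac_age)
    log, arp_learned_at = [], None
    for now in range(0, duration, step):
        if arp_learned_at is None or now - arp_learned_at >= arp_age:
            log.append((now, *sw.receive(now, 1, HOST_A, BROADCAST)))  # ARP request
            sw.receive(now, 2, HOST_B, HOST_A)  # ARP reply, switch relearns B
            arp_learned_at = now
        log.append((now, *sw.receive(now, 1, HOST_A, HOST_B)))         # data frame
    return log

def summarize(log):
    counts = {}
    for _now, kind, _ports in log:
        counts[kind] = counts.get(kind, 0) + 1
    return counts

if __name__ == "__main__":
    for now, kind, ports in simulate():
        if kind != "known-unicast":
            print(f"t={now:>4}s {kind:<16} -> ports {ports}")
    print(summarize(simulate()))
```

Between the MAC entry aging out and the next ARP refresh, every frame from A to B is delivered to ports 3 and 4 as well as port 2, which is the traffic that storm-control on the EX would rate-limit.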
SapphireNET

Re: Unknown unicast forwarding

OK, that makes sense.

So a couple of other questions then, and the reason for them:

1. Does the EX Series have any way to rate limit ARP messages?

2. Does the EX Series have a way to get the same functionality for broadcast messages as the unknown unicast forwarding:

  i.e., ARP messages can go to other access ports but normal broadcasts only go up to the trunk port.

The reason for this is we are looking at equipment to use for an AE P2P FTTH solution, and this broadcast limiting is a nice feature on one supplier.

Thanks

JNCIS-M, JNCIS-SEC
aarseniev

Re: Unknown unicast forwarding

SapphireNET wrote:

1. Does the EX Series have any way to rate limit ARP messages?

I believe yes, with ingress firewall filters and policers:

http://www.juniper.net/techpubs/en_US/junos10.1/topics/task/configuration/firewall-filter-ex-series-...

http://www.juniper.net/techpubs/en_US/junos10.1/topics/reference/requirements/firewall-filter-ex-ser...

SapphireNET wrote:

2. Does the EX Series have a way to get the same functionality for broadcast messages as the unknown unicast forwarding:

  i.e., ARP messages can go to other access ports but normal broadcasts only go up to the trunk port.

You can rate-limit both broadcast and unknown unicast with storm-control.

As to restricting the ARP requests from going into the trunk port - I don't think this is a good idea, since then your clients won't be able to see each other at the IP level across 2 or more switches. The same applies to the default gateway if it is across 2 or more switches from the clients.

Rgds

Alex

___________________________________
Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.