The Detailed Process of ARP Request and MAC Address Learning with VLAN
Diagram 1.1
For beginners, we need to explain further.
A PC usually has a Layer 2 port (Port) and a Layer 3 interface (Interface). The question is, where is the Layer 2 port?
The physical port of the PC is the network card which can be seen and touched.
Where is the layer 3 interface of the PC?
Beginners usually look around in confusion and then mutter… Where is the layer 3 interface?
The Layer 3 interface is implemented in software inside the operating system kernel, so it is invisible. Although it can't be seen, it must exist; that is why we can configure an IP address on the PC's Layer 3 interface.
For example, the IP address of PC1's Layer 3 interface is 10.1.1.2.
With the IP address, the Layer 3 interface comes up and works normally.
To distinguish between the Layer 2 ports and the Layer 3 interfaces, orange and blue circles are used respectively.
The Layer 3 interfaces of the switch are:
SVI 100 = 10.1.1.1
SVI 200 = 20.1.1.1
According to the OSI reference model, a Layer 3 interface must have its corresponding Layer 2 port. What are the Layer 2 ports corresponding to the SVI 100 and SVI 200 interfaces?
SVI 100 - P3
SVI 200 - P4
**Refer to diagram 1.1**
Switch ports P1 and P2 exist to connect PC1 and PC2, but where are the above P3 and P4?
They are implemented inside the switch. Although they cannot be seen or touched physically, P3 and P4 must exist.
The firewall-like part between the two VLANs logically isolates the broadcast traffic of the two VLANs, ensuring that broadcasts in one VLAN's broadcast domain do not leak into the other VLAN.
As for the work process, it is very simple. PC1 uses an ARP broadcast to discover the MAC of the SVI 100 interface. When the SVI 100 interface receives the traffic, it queries the routing table (the green part), which shows that the traffic needs to flow through the SVI 200 interface. As a result, SVI 200 uses an ARP broadcast in VLAN 200 to discover the MAC of PC2 and then sends the traffic to PC2. The return path works the same way in reverse.
MAC address learning process of the switch
For each incoming frame, the switch learns the frame's source MAC and maps it to the Layer 2 port through which the frame entered the switch. This generates a mapping table of MAC addresses and port numbers. The name of this table is the "MAC Address Table".
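The learning and flooding steps above can be traced with a small simulation. This is an added example, not code from the original article: the MAC addresses are constructed, the VLAN membership of P1/P3 (VLAN 100) and P2/P4 (VLAN 200) is assumed from diagram 1.1, and the SVIs are modelled as hosts behind the internal ports P3 and P4.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Switch:
    def __init__(self, port_vlan):
        self.port_vlan = port_vlan   # port -> VLAN membership
        self.mac_table = {}          # (vlan, mac) -> port: the MAC Address Table

    def receive(self, in_port, src_mac, dst_mac):
        """Learn the source MAC, then return the list of egress ports."""
        vlan = self.port_vlan[in_port]
        # Learning: map the source MAC to the port the frame entered on.
        self.mac_table[(vlan, src_mac)] = in_port
        out = self.mac_table.get((vlan, dst_mac))
        if dst_mac != BROADCAST and out is not None:
            return [] if out == in_port else [out]   # known unicast
        # Broadcast or unknown unicast: flood inside the same VLAN only.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

# Constructed MAC addresses (assumptions, not from the article).
PC1, PC2 = "00:00:00:00:00:01", "00:00:00:00:00:02"
SVI100, SVI200 = "00:00:00:00:01:00", "00:00:00:00:02:00"

def walk_through():
    """Replay the PC1 -> PC2 flow from the article, frame by frame."""
    sw = Switch({"P1": 100, "P3": 100, "P2": 200, "P4": 200})
    steps = [
        ("P1", PC1, BROADCAST),     # PC1 ARP request for SVI 100 (10.1.1.1)
        ("P3", SVI100, PC1),        # SVI 100 ARP reply
        ("P1", PC1, SVI100),        # PC1 sends traffic to its gateway
        ("P4", SVI200, BROADCAST),  # after routing: SVI 200 ARP request for PC2
        ("P2", PC2, SVI200),        # PC2 ARP reply
        ("P4", SVI200, PC2),        # routed traffic delivered to PC2
    ]
    egress = [sw.receive(*step) for step in steps]
    return sw, egress

if __name__ == "__main__":
    sw, egress = walk_through()
    for ports in egress:
        print("forwarded to:", ports)
    for (vlan, mac), port in sorted(sw.mac_table.items()):
        print(f"VLAN {vlan}  {mac}  {port}")
```

Neither ARP broadcast crosses the VLAN boundary: the request entering on P1 reaches only P3, and the one entering on P4 reaches only P2.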












