How does the Junos OS handle the received frame?

An EX Series switch receives an Ethernet frame with a destination MAC address that is not in the bridging table.
How does the Junos OS handle the received frame?

An EX Series switch receives an Ethernet frame with a destination MAC address that is not in the bridging table.
How does the Junos OS handle the received frame?

A.
The Junos OS learns the source MAC address and drops the frame.

B.
The Junos OS learns the source MAC address and floods discovery BPDUs.

C.
The Junos OS learns the source MAC address forwards the frame towards the root bridge.

D.
The Junos OS learns the source MAC address and floods the frame.

Explanation:
Understanding Layer 2 Forwarding Tables

The SRX Series device maintains forwarding tables that contain MAC addresses and associated interfaces for each Layer 2 bridge domain. When a packet arrives with a new source MAC address in its frame header, the device adds the MAC address to its forwarding table and tracks the interface at which the packet arrived. The table also contains the corresponding interface through which the device can forward traffic for a particular MAC address.

If the destination MAC address of a packet is unknown to the device (that is, the destination MAC address in the packet does not have an entry in the forwarding table), the device duplicates the packet and floods it on all interfaces in the bridge domain other than the interface on which the packet arrived. This is known as packet flooding and is the default behavior for the device to determine the outgoing interface for an unknown destination MAC address. Packet flooding is performed at two levels: packets are flooded to different zones as permitted by configured Layer 2 security policies, and packets are also flooded to different interfaces with the same VLAN identifier within the same zone. The device learns the forwarding interface for the MAC address when a reply with that MAC address arrives at one of its interfaces.

You can specify that the SRX Series device use ARP queries and trace-route requests (which are ICMP echo requests with the time-to-live values set to 1) instead of packet flooding to locate an unknown destination MAC address. This method is considered more secure than packet flooding because the device floods ARP queries and trace-route packetsnot the initial packeton all interfaces. When ARP or trace-route flooding is used, the original packet is dropped. The device broadcasts an ARP or ICMP query to all other devices on the same subnetwork, requesting the device at the specified destination IP address to send back a reply. Only the device with the specified IP address replies, which provides the requestor with the MAC address of the responder.

ARP allows the device to discover the destination MAC address for a unicast packet if the destination IP address is in the same subnetwork as the ingress IP address. (The ingress IP address refers to the IP address of the last device to send the packet to the device. The device might be the source that sent the packet or a router forwarding the packet.) Trace-route allows the device to discover the destination MAC address even if the destination IP address belongs to a device in a subnetwork beyond that of the ingress IP address.

When you enable ARP queries to locate an unknown destination MAC address, trace-route requests are also enabled. You can also optionally specify that trace-route requests not be used; however, the device can then discover destination MAC addresses for unicast packets only if the destination IP address is in the same subnetwork as the ingress IP address.

Whether you enable ARP queries and trace-route requests or ARP-only queries to locate unknown destination MAC addresses, the SRX Series device performs the following series of actions:

1. The device notes the destination MAC address in the initial packet. The device adds the source MAC address and its corresponding interface to its forwarding table, if they are not already there.
2. The device drops the initial packet.
3. The device generates an ARP query packet and optionally a trace-route packet and floods those packets out all interfaces except the interface on which the initial packet arrived.
ARP packets are sent out with the following field values:

Source IP address set to the IP address of the IRB
Destination IP address set to the destination IP address of the original packet
Source MAC address set to the MAC address of the IRB
Destination MAC address set to the broadcast MAC address (all 0xf)

Trace-route (ICMP echo request or ping) packets are sent out with the following field values:

Source IP address set to the IP address of the original packet
Destination IP address set to the destination IP address of the original packet
Source MAC address set to the source MAC address of the original packet
Destination MAC address set to the destination MAC address of the original packet
Time-to-live (TTL) set to 1

4. Combining the destination MAC address from the initial packet with the interface leading to that MAC address, the device adds a new entry to its forwarding table.
5. The device forwards all subsequent packets it receives for the destination MAC address out the correct interface to the destination.



Leave a Reply 0

Your email address will not be published. Required fields are marked *