What does a switch do when it receives a packet with an unknown destination MAC address?

Switch Mac Address: What’s It and How Does it Work?


Updated on Sep 29, 2021


You may have noticed that every piece of hardware on your local network has a MAC address in addition to its IP address. Switches have their own switch MAC addresses, and every other device that connects to the Internet has this unique identifying number as well: desktop computers, laptops, cell phones, tablets, wireless security cameras, and even your connected refrigerator. So why do your network devices need two addresses to connect to a network? Isn’t an IP address sufficient? What exactly is the MAC address for?

To put the MAC (Media Access Control) address in layman’s terms, you can think of it as your unique digital fingerprint, which is one of a kind in the world. A MAC address is given by the manufacturer and is embedded in the chip that allows your device to connect to a network. A network switch is likely to have many MAC addresses, since one MAC address is assigned to every interface on the switch.

An Overall View of Mac Address

A MAC address, also known as “hardware address” or “physical address”, is a binary number used to uniquely identify computer network adapters. Packets sent on Ethernet always come from a MAC address and are sent to a MAC address. When a network adapter receives a packet, it compares the packet’s destination MAC address to the adapter’s own MAC address. If the addresses match, the packet is processed; otherwise it is discarded. Traditional MAC addresses are 12-digit hexadecimal numbers. The leftmost six hexadecimal digits of the address correspond to a manufacturer's unique identifier, while the rightmost six digits correspond to the serial number of the network interface card (NIC).

MAC vs IP Address Relationship

Initially it might seem that IP addresses and MAC addresses are redundant because both are unique identifiers of networked devices, but they actually serve different purposes, and are visible in very different ways. MAC operates at Layer 2 of the OSI model while IP operates at Layer 3.

MAC addresses are typically used only to direct packets from one device to the next device as data travels on a network. That means that the MAC address of your computer’s network adapter travels the network only until the next device along the way. If you have a router, then your machine’s MAC address will go no further than that. When your computer wants to send a packet to some IP address x.x.x.x, the first check is whether the destination address is in the same IP network as the computer itself. If x.x.x.x is in the same network, the destination IP can be reached directly; otherwise the packet needs to be sent to the configured router. So do you see what’s going on? The MAC address just gets the data packet to the next device, but the IP address is responsible for getting it to the ultimate destination.

What Do Switches Use Mac Address For?

Switches are unlike hubs or repeaters. A hub simply rebroadcasts every signal on every port to every other port, which (while inefficient and slow) is easy to build. A switch, on the other hand, intelligently directs traffic between systems by forwarding packets only to their proper destination. To do this, it keeps track of the MAC addresses of the NICs plugged into each port. MAC addresses need to be unique, or at least highly unlikely to be repeated, for switches to identify different ports and devices, which is why manually setting a MAC address can have unexpected consequences in a switched network. A switch usually holds many MAC addresses in its MAC address table. When forwarding a frame, the switch first looks up the frame’s destination MAC address in the MAC address table to find the outgoing port. If the outgoing port is found, the frame is forwarded rather than broadcast, so broadcasts are reduced.

How Do Switches Learn Mac Address?

Since a switch has some intelligence, it can build the MAC address table automatically. The following part will illustrate how a switch learns MAC addresses.


There’s a switch in the middle and we have 3 computers around. All computers have a MAC address but they are simplified as AAA, BBB, and CCC. The switch has a MAC address table and it will learn where all the MAC addresses are in the network. Now, assuming Computer A is going to send something to Computer B:


Computer A is going to send some data meant for computer B, thus it will create an Ethernet frame which has a source MAC address (AAA) and a destination MAC address (BBB). The switch has a MAC address table and here’s what will happen:

The switch builds its MAC address table from source MAC addresses only. At this moment it has just learned that the MAC address of computer A is on interface 1, and it adds this information to its MAC address table. But the switch currently has no information about where computer B is located. There’s only one option left: to flood this frame out of all its interfaces except the one where it came from. Computer B and computer C will both receive this Ethernet frame.

Since computer B sees its own MAC address as the destination of this Ethernet frame, it knows the frame is meant for it; computer C will discard it. Computer B is going to respond to computer A, build an Ethernet frame and send it towards the switch. At this moment the switch will learn the MAC address of computer B. That’s the end of our story: the switch now knows both MAC addresses, and the next time it can “switch” instead of flooding Ethernet frames. Computer C will never see any frames between computer A and B except for the first one, which was flooded. You can use the show mac address-table dynamic command to see all the MAC addresses that the switch has learned.

One other point worth emphasizing here is that the MAC address table on the switch uses an aging mechanism for dynamic entries. If the MAC addresses of computer A and B are not updated within their aging time, they will be deleted to make room for new entries, which means the frames between computer A and B will be flooded to computer C again if A wants to transfer information to B.
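The learn, flood and age-out sequence described above, as an added example that is not part of the original article and not vendor code. The class name, port numbers and timestamps are constructed for illustration; the 300-second aging time is the default the article quotes for the aging timer.

```python
# Added illustration: a minimal model of a learning switch (not vendor code).
AGING_SECONDS = 300  # default aging time quoted in the article


class LearningSwitch:
    def __init__(self, ports, aging=AGING_SECONDS):
        self.ports = set(ports)
        self.aging = aging
        self.table = {}  # MAC -> (port, time the entry was last refreshed)

    def expire(self, now):
        """Delete dynamic entries not refreshed within the aging time."""
        stale = [mac for mac, (_, seen) in self.table.items()
                 if now - seen >= self.aging]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return the sorted list of egress ports."""
        self.expire(now)
        # Learning uses the SOURCE address only, and refreshes the timer.
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if entry is None:
            # Unknown destination: flood out of every port except ingress.
            return sorted(self.ports - {in_port})
        out_port = entry[0]
        # Never send a frame back out of the port it arrived on.
        return [] if out_port == in_port else [out_port]


def demo():
    """Constructed scenario: A on port 1, B on port 2, C on port 3."""
    sw = LearningSwitch(ports=[1, 2, 3])
    steps = [
        sw.receive(1, "AAA", "BBB", now=0),    # B unknown -> flood to 2, 3
        sw.receive(2, "BBB", "AAA", now=1),    # A known -> port 1 only
        sw.receive(1, "AAA", "BBB", now=2),    # B known -> port 2 only
        sw.receive(1, "AAA", "BBB", now=400),  # B aged out -> flood again
    ]
    return steps, dict(sw.table)


if __name__ == "__main__":
    for egress in demo()[0]:
        print(egress)
```

Port 3 (computer C) appears only in the first and last results, the two frames that were flooded; every frame forwarded from a table hit stays off C's port.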

How to Configure Your Switch Mac Address Table?

A MAC address table is maintained for frame forwarding, which can be dynamically learned or manually configured. The former has been introduced in the previous text, and the next part will focus on how to configure the MAC addresses manually to adapt to network changes and enhance network security.

Configuring Static, Dynamic, and Blackhole MAC Address Table Entries

To improve port security, you can manually add MAC address entries to the MAC address table to bind ports with MAC addresses, fending off MAC address spoofing attacks. In addition, you can configure blackhole MAC address entries to filter out packets with certain source or destination MAC addresses.

To add or modify a static, dynamic, or blackhole MAC address table entry:

Configuring a Multi-port Unicast MAC Address Table Entry

You can configure a multi-port unicast MAC address table entry to associate a unicast MAC address with multiple ports, so that packets that match the entry are delivered to multiple destination ports.

To configure a multi-port unicast MAC address table entry:

Configuring the Aging Timer for Dynamic MAC Address Entries

The MAC address table on your switch uses an aging mechanism for dynamic entries, so dynamic MAC address entries that are not updated within their aging time are deleted to make room for new entries, and the MAC address table is promptly updated to accommodate the latest network changes.

To configure the aging timer for dynamic MAC address entries:

Step 1. Enter system view.
Command: system-view
Remarks: N/A

Step 2. Configure the aging timer for dynamic MAC address entries.
Command: mac-address timer { aging seconds | no-aging }
Remarks: Optional. The value range of the aging timer is 10 to 3600 seconds and the default value is 300 seconds.

Configuring the MAC Learning Limit on Ports

To prevent the MAC address table from getting so large that the forwarding performance of the switch degrades, you can limit the number of MAC addresses that can be learned on a port.

To configure the MAC learning limit on ports:

Configuring the MAC Learning Limit on a VLAN

You may also limit the number of MAC addresses that can be learned on a per-VLAN basis.

To configure the MAC learning limit on a VLAN:

Displaying and Maintaining the MAC Address Table

Summary

Admittedly, when it comes to MAC, men tend to think of the fantastic computer while women think of a thing of beauty. But when we hear the term “MAC Address”, now we know we are talking about an entirely different beast. Since MAC addresses are unique to the network card and not reused, they are quite useful and important in applications. Network switches store a list of MAC addresses seen at every port and only forward packets to the ports that need to see the packet. Wireless access points often use MAC addresses for access control, allowing access only for known devices. Besides, DHCP (Dynamic Host Configuration Protocol) servers use the MAC address to identify devices and give some devices fixed IP addresses.


You might be interested in

What does a switch do with an unknown MAC address?

When a switch doesn't have the destination MAC address in its MAC address table, it floods the frame to all other ports except the receiving port.

What will the switch do when it receives a packet with a destination MAC address not listed inside its MAC address table?

If the address is in the table, the frame is forwarded out the port associated with the MAC address in the table. When the destination MAC address is not found in the MAC address table, the switch forwards the frame out of all ports (flooding) except for the ingress port of the frame.

What happens when a switch receives a packet that has a destination MAC address the switch has not seen before?

If the source MAC address for a packet is not known by the switch, then the switch will learn the MAC address and point it to the interface that the packet arrived on. If the destination MAC address is not known by a switch, then the packet will be flooded to all unblocked ports.