Sparda
Posted September 23, 2008

Many managed switches are able to detect if another switch (managed or otherwise) is connected to one of its ports. I'm curious if anyone knows what technique these switches use to detect other switches, but without any additional computers connected. Once two or more computers are connected to the switch it's obvious, but I'm talking about if the switch is connected to one or fewer computers.

At the (I think) transport layer, the managed switch could flip back and forth between uplink and non-uplink port at initial connection a few times. Since any modern switch will automatically correct this 'error', that would make that device suspect if the device at the other end corrected the managed switch's 'mistake'.

The only protocol that switches care about is ARP. I wonder if switches somehow act differently to computers in some way when handling ARP broadcasts.

Tenzer
Posted September 23, 2008

> Many managed switches are able to detect if another switch (managed or otherwise) is connected to one of its ports.

Do you have an example of this? I can't remember that I have seen such a feature, at least not on an unmanaged switch, but I don't manage switches that often. Managed switches do have certain switch protocols like spanning tree and network discovery protocols which are probably used for it.

The point about swapping the connector pairs in the port, and seeing how the other device acts on this, probably doesn't work, since most newer network interfaces also have this ability.

digip
Posted September 24, 2008

Switches have a port just for chaining them. No need for crossover cables (I think). Most likely, this is how they know, but I don't see how it makes a difference. The device looks in its ARP cache for connected devices and routes packets accordingly. When it doesn't have it in its list, it sends out a broadcast to all attached devices and they send back who they are; it then adds the device to its ARP list, then when a request is made, it sends the packets to only the targeted endpoint. If you want to reach another switch, you just need to know its IP address to reach it, and if it's attached to the one switch, it adds it to its ARP list/cache and so on.

Tenzer
Posted September 24, 2008

That is wrong, digip. A normal layer 2 switch (which I presume we are talking about, unless otherwise mentioned) doesn't have any ARP table, and doesn't send any packets at all on its own. ARP is used for having a relation between IP addresses and MAC addresses, and since layer 2 switches aren't aware of IP addresses, they don't use ARP. Instead they have a list of which port they last saw a certain MAC address at. Normal unmanaged switches don't have an IP address; you have to get a layer 3 switch in order to have that.

digip
Posted September 24, 2008

> That is wrong, digip. A normal layer 2 switch (which I presume we are talking about, unless otherwise mentioned) doesn't have any ARP table, and doesn't send any packets at all on its own. ARP is used for having a relation between IP addresses and MAC addresses, and since layer 2 switches aren't aware of IP addresses, they don't use ARP. Instead they have a list of which port they last saw a certain MAC address at. Normal unmanaged switches don't have an IP address; you have to get a layer 3 switch in order to have that.

Well, you are right about where the ARP cache was on the layers, but I was thinking more in terms of a router/switch, and not a bridge. Switch is just a name given to different devices such as a bridge or router; there are switches for multiple layers, often given names like stateful firewall, etc. A switch can theoretically operate at multiple layers of the OSI model at any given time. The OSI model is not a real physical thing; it is just a theorized model for manufacturers to build their devices on for modularity and interoperability, and it gives network technicians a way to track down problems step by step along the way.

"Switches will have their own ARP cache but they will also keep track of which MAC address is connected to which port on the switch. This can be seen with the show mac-address-table commands on a Cisco IOS switch." - http://www.petri.co.il/csc_arp_cache.htm

"On a Cisco switch or router, the ARP cache table looks like this:

    SWITCH#show ip arp
    Protocol  Address          Age (min)  Hardware Addr   Type   Interface
    Internet  10.1.100.50             0   001e.c4fc.97ff  ARPA   Vlan1
" - http://www.networkblueprints.com/troublesh...d-arp-cache-lan

If a switch is directly connected to another switch, it knows where the other switch is because of the device and MAC connected to its port, mapped from MAC address to the connecting port on the switch.

If, say, the switch you need to talk to is 3 segments down the line, it isn't directly connected to its port, then it has to send out a broadcast to all parties connected to it. The second switch sees the request, says "not me", and forwards it off to the next devices and segment. The 3rd switch says "hey, that's me, here is my info" and sends back the IP + MAC address. Switch 2 stores and forwards the info back to switch 1. Switch 1 is happy to see the info and adds it to its tables. Switch 2 and 1 now know who/where switch 3 is by both MAC and IP address (an ARP table/cache).

"Switches, even primarily Layer 2 switches, can be aware of Layer 3 multicast and increase efficiency by delivering the traffic of a multicast group only to ports where the attached device has signaled that it wants to listen to that group."

http://en.wikipedia.org/wiki/OSI_model
http://www.networkblueprints.com/troublesh...d-arp-cache-lan

Tenzer
Posted September 24, 2008

Well, it seems like you are talking about layer 3 switches, and I am talking about layer 2 - That's where we go wrong of each other...

Reflux
Posted September 25, 2008

I'm not sure if this is what you mean, but I know Cisco switches use CDP to broadcast their existence and specs. And non-Cisco ones use Link Layer Discovery Protocol (IEEE 801.1AB).

charm_quark
Posted September 25, 2008

Switches also use something called "STP" so as to elect a root switch, where they can detect all switches... can they not!

natural_orange
Posted September 25, 2008

STP or "Spanning Tree Protocol" is commonly used to detect changes in network topology. If you Wireshark a network that has this in place, you should see a somewhat regular stream of messages about it.
http://en.wikipedia.org/wiki/Spanning_tree_protocol

Most modern switches have AUTO MDI/MDX (auto cross-over), which typically means that some other network hardware is there besides a computer.
http://en.wikipedia.org/wiki/Ethernet_cros...matic_crossover

I'm sure both of those would help it.

Reflux
Posted September 27, 2008

STP is used to prevent network loops in networks. Sure it can detect topology changes, but there are protocols designed specifically for detecting devices.

zao
Posted September 28, 2008

Just throwing in my 2 cents...

Yes, switches can use STP if it's enabled on them, and that only really needs to be the case if you have a network topology susceptible to routing loops. If you use VLANs, the switch could also recognize that it's connected to another switch if you enable VLAN trunking on one of the interfaces. Now if we're talking Cisco proprietary networks, then they'll be able to use Cisco Discovery Protocol to find directly connected Cisco devices and information about them (type/version#/IP/etc).

There's more that can be said about the MAC address table (which isn't ARP), and looking to see if multiple IPs show up as the same MAC address (leading us to assume that those multiple devices are connected by another switch)...

...but now going back and reading boris's original question, if it's something like, "given a pretty barebones network topology with pretty much 2 switches connected to each other, how do they determine if the <cross-over or straight-through cable> is right for their setup based on the pin connections?"

From a couple minutes of looking, it seems that most modern NICs use "auto sensing" or "Universal Cable Recognition". I haven't come across an article yet that describes exactly how it works, but my guess is that as soon as a packet goes across the wire for the first time, the NICs on the switches sense which pair of wires were used to transmit and auto-adjust themselves for the correct configuration to listen on those pins and transmit on the others. This link mentions auto-sensing towards the bottom: Ethernet crossover cable

OK, n/m, I went back and read again and don't think that was what boris was talking about in the first post....

dlots
Posted October 31, 2008

Generally, at least on Cisco stuff, it looks at how many MAC addresses you have on that port. If you're looking for a way to get around this, get any old router and hook that up. You'll be able to hook up a switch to that, and since routers don't send any MAC address other than their own, it will look like just 1 computer. You may have issues with other people trying to get onto your computer though, since you'll have a network that no router will point to. You'll be able to get out and onto other people's machines easily enough, though.

As for the ARP thing, ARP is generally active and going out looking for MAC addresses. Switches don't need to do this; they just watch all ports and record the MAC address of the traffic that comes out of said ports. (It doesn't watch the destination MAC though, just the source.)

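An added example, not part of any post in this thread: a Python sketch of the two signals the replies name, control-protocol frames (STP, CDP, LLDP) arriving on a port and more than one source MAC learned on a port. The function names, the `max_macs` threshold and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

# Destination MACs used by the switch control protocols named in the thread.
STP_DST = bytes.fromhex("0180c2000000")  # 802.1D bridge group address (BPDUs)
CDP_DST = bytes.fromhex("01000ccccccc")  # Cisco multicast used by CDP
LLDP_ETHERTYPE = 0x88CC
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")  # LLC/SNAP, Cisco OUI, PID 0x2000

def classify(frame: bytes) -> str:
    """Return 'stp', 'cdp', 'lldp', 'data' or 'runt' for a raw Ethernet frame."""
    if len(frame) < 14:
        return "runt"
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    if type_or_len == LLDP_ETHERTYPE:
        return "lldp"
    if type_or_len <= 1500:  # 802.3 length field: an LLC header follows
        if frame[:6] == STP_DST and frame[14:17] == b"\x42\x42\x03":
            return "stp"
        if frame[:6] == CDP_DST and frame[14:22] == CDP_SNAP:
            return "cdp"
    return "data"

def suspect_ports(observations, max_macs=1):
    """observations: iterable of (port, raw_frame). Returns {port: [reasons]}."""
    macs, reasons = defaultdict(set), defaultdict(set)
    for port, frame in observations:
        kind = classify(frame)
        if kind in ("stp", "cdp", "lldp"):
            reasons[port].add(kind)
        if kind != "runt":
            macs[port].add(frame[6:12])  # learn from the source MAC only
    for port, seen in macs.items():
        if len(seen) > max_macs:
            reasons[port].add(f"{len(seen)} source MACs")
    return {port: sorted(r) for port, r in reasons.items()}

def make_frame(dst, src_hex, type_or_len, payload=b""):
    return dst + bytes.fromhex(src_hex) + struct.pack("!H", type_or_len) + payload

BCAST = b"\xff" * 6
# Constructed sample traffic (not captured from a real network).
SAMPLE = [
    (1, make_frame(BCAST, "02aaaaaaaa01", 0x0806)),  # single host sending ARP
    (2, make_frame(STP_DST, "02bbbbbbbb01", 38, b"\x42\x42\x03" + bytes(35))),
    (3, make_frame(BCAST, "02cccccccc01", 0x0806)),
    (3, make_frame(BCAST, "02cccccccc02", 0x0806)),  # second MAC, same port
    (4, make_frame(b"\x01\x80\xc2\x00\x00\x0e", "02dddddddd01", LLDP_ETHERTYPE)),
]
print(suspect_ports(SAMPLE))
```

A host bridging virtual machines through its NIC also presents several source MACs on one port, so the MAC count is a hint rather than proof of a downstream switch.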