When troubleshooting end-to-end connectivity, it is useful to verify mappings between destination IP addresses and Layer 2 Ethernet addresses on individual segments. In IPv4, this functionality is provided by ARP. In IPv6, the ARP functionality is replaced by the neighbor discovery process and ICMPv6. The neighbor table caches IPv6 addresses and their resolved Ethernet physical (MAC) addresses.
IPv4 ARP Table
The arp Windows command displays and modifies entries in the ARP cache that are used to store IPv4 addresses and their resolved Ethernet physical (MAC) addresses. As shown in Figure 1, the arp Windows command lists all devices that are currently in the ARP cache. The information that is displayed for each device includes the IPv4 address, physical (MAC) address, and the type of addressing (static or dynamic).
The cache can be cleared by using the arp -d Windows command if the network administrator wants to repopulate the cache with updated information.
Note: The arp commands in Linux and MAC OS X have a similar syntax.
IPv6 Neighbor Table
As shown in Figure 2, the netsh interface ipv6 show neighbor Windows command lists all devices that are currently in the neighbor table. The information that is displayed for each device includes the IPv6 address, physical (MAC) address, and the type of addressing. By examining the neighbor table, the network administrator can verify that destination IPv6 addresses map to correct Ethernet addresses. The IPv6 link-local addresses on all of R1’s interfaces have been manually configured to FE80::1. Similarly, R2 has been configured with the link-local address of FE80::2 on its interfaces and R3 has been configured with the link-local address of FE80::3 on its interfaces. Remember, link-local addresses only have to be unique on the link or network.
Note: The neighbor table for Linux and MAC OS X can be displayed using ip neigh show command.
Figure 3 shows an example of the neighbor table on the Cisco IOS router, using the show ipv6 neighbors command.
Note: The neighbor states for IPv6 are more complex than the ARP table states in IPv4. Additional information is contained in RFC 4861.
Switch MAC Address Table
A switch forwards a frame only to the port where the destination is connected. To do this, the switch consults its MAC address table. The MAC address table lists the MAC address connected to each port. Use the show mac address-table command to display the MAC address table on the switch. An example of PC1’s local switch is shown in Figure 4. Remember, a switch’s MAC address table only contains Layer 2 information, including the Ethernet MAC address and the port number. IP address information is not included.
VLAN Assignment
Another issue to consider when troubleshooting end-to-end connectivity is VLAN assignment. In the switched network, each port in a switch belongs to a VLAN. Each VLAN is considered a separate logical network, and packets destined for stations that do not belong to the VLAN must be forwarded through a device that supports routing. If a host in one VLAN sends a broadcast Ethernet frame, such as an arp request, all hosts in the same VLAN receive the frame; hosts in other VLANs do not. Even if two hosts are in the same IP network, they will not be able to communicate if they are connected to ports assigned to two separate VLANs. Additionally, if the VLAN to which the port belongs is deleted, the port becomes inactive. All hosts attached to ports belonging to the VLAN that was deleted are unable to communicate with the rest of the network. Commands such as show vlan can be used to validate vlan assignments on a switch.
Troubleshooting Example
Refer to the topology in Figure 5. To improve the wire management in the wiring closet, the cables connecting to S1 were reorganized. Almost immediately afterward, users started calling the support desk stating that they could no longer reach devices outside their own network. An examination of PC1’s ARP table using the arp Windows command shows that the ARP table no longer contains an entry for the default gateway 10.1.10.1, as shown in Figure 6. There were no configuration changes on the router, so S1 is the focus of the troubleshooting.
The MAC address table for S1, as shown in Figure 7, shows that the MAC address for R1 is on a different VLAN than the rest of the 10.1.10.0/24 devices including PC1. During the re-cabling, R1’s patch cable was moved from Fa 0/4 on VLAN 10 to Fa 0/1 on VLAN 1. After the network administrator configured S1’s Fa 0/1 port to be on VLAN 10, as shown in Figure 8, the problem was resolved. As shown in Figure 9, the MAC address table now shows VLAN 10 for the MAC address of R1 on port Fa 0/1.