Professional Documents
Culture Documents
2 ACNunit2 - Partial
2 ACNunit2 - Partial
Figure: MAC.
In the case of the first packet in the flow, SE forwards the frame to
the RP.
The MLS-RP receives the frame, decapsulates (unwraps) the frame,
and determines the destination of a packet.
RP creates a new frame for the packet - decrementing the TTL field,
recalculating the IP header checksum, update source MAC address of
this frame as the MAC address of the RP, update destination MAC
address of this frame as the MAC address of the destination device
(or next-hop router).
The RP then sends the frame to the SE.
The SE therefore makes the MLS cache entry using information from
the frame.
Cisco Express Forwarding (CEF), like MLS , aims to speed the data
routing and forwarding process in a network.
CEF uses two components to optimize the lookup of the information
required to route packets: the Forwarding Information Base (FIB) for
the Layer 3 information and the adjacency table for the Layer 2
information.
CEF creates an FIB by maintaining a copy of the forwarding
information contained in the IP routing table.
The adjacency table contains Layer 2 frame header information,
including next-hop addresses, for all FIB entries.
Figure: Attack.
Various security features are used in the switch for preventing the attacks.
Port security : Cisco port security limits the number of valid MAC
addresses allowed on a port.
If the number of MAC addresses allowed on the port is limited to one,
then only the device with that specific MAC address can successfully
connect to the port.
If a port is configured as a secure port and the maximum number of
MAC addresses is reached, any additional attempts to connect by
unknown MAC addresses will generate a security violation.
When Router A sends its routing table to the other routers, it has no
choice but to send all its routes.
Notice, for example, that all the subnets under Router A start with 10.1,
while all under Router B start with 10.2. Therefore, the routers can
summarize the subnets.