Thursday, August 25, 2016

CCNA Question of the Week 1

Group member Donovan Bone posted this question in a discussion, and I thought that it would be a great "Question of the Week" for the group.  So a new thread was started just for it, and a lot of members attempted to answer the question. I didn't expect the majority to get it right, but only one got it right in the three hours I watched the replies.  Not surprisingly, the one person who answered correctly is the only one who actually labbed it up.  So here is the question.

Let's say we have two PCs, PC1 and PC2.  Those two PCs are separated by two switches, SW1 and SW2.  For simplicity's sake, all ports on SW1 belong to VLAN1, and all ports on SW2 belong to VLAN2.  All ports on both switches are configured as access ports. No other configuration exists on either switch.  Can these two PCs communicate with one another?

In the above picture, we have the topology referenced in the question.  Keeping with the attempt to keep it simple, I used GNS3 generic switches.  In the following two screenshots, you can see all ports on SW1 belong to VLAN1, and all ports on SW2 belong to VLAN2.

PC1 is set as, and PC2 is set as  No other configuration is present on the PCs.  So if this topology works, the pings will succeed.  Let's give it a try.

As you can see, the pings succeed.  Therefore, the PCs are able to communicate freely.  But why?

A lot of people jumped in talking about VLANs, broadcast domains, SVIs, and a lot of other things that really don't matter here.  As I told people in the group, follow the packet through the topology.  Don't look at the overall picture yet; focus on one step at a time.

The packet leaves PC1.  It enters SW1 on port 1.  We can all agree that it will be forwarded to port 2 since ports 1 and 2 both belong to VLAN1, right?  So now we have the frame out on the wire, traveling from SW1 to SW2.  Here's where we have to keep in mind that port 2 on each switch is an access port. Therefore, the frame isn't tagged.  So when it enters SW2, it's treated just as a frame from a host, because that's all SW1 is to it, just another host.  Because they're not trunk ports, the frame isn't tagged, and therefore the two switches know nothing about VLAN information on the other switch.  So essentially, the frame is assigned to VLAN2 on SW2.

Now it's in SW2, and we can all agree that it'll go from port 2 to port 1 without issue because they both belong to VLAN2, correct?  So our frame has arrived at PC2, and the echo reply naturally will go back to PC1 just fine for all the same reasons.

To look at it another way, we've reduced these two switches down to unmanaged switches here.
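
The hop-by-hop walk above, as an added example that is not part of the original post: a small Python model of access-port forwarding in which the VLAN is assigned on ingress and discarded on egress. The port numbers follow the post; the dictionary layout, the `flood` function, and the PC3/VLAN 30 variant are constructed for illustration and show that separation still holds between VLANs on the same switch.

```python
from collections import deque

# Constructed model of the post's topology: every port is an access port.
# switch -> {port: (access_vlan, neighbor)}; a neighbor is a host name
# or a (switch, port) tuple for a switch-to-switch cable.
TOPOLOGY = {
    "SW1": {1: (1, "PC1"), 2: (1, ("SW2", 2))},
    "SW2": {1: (2, "PC2"), 2: (2, ("SW1", 2))},
}

# Hypothetical variant: PC3 sits on SW2 port 3 in VLAN 30 (not in the post).
TOPOLOGY_PC3 = {
    "SW1": TOPOLOGY["SW1"],
    "SW2": {**TOPOLOGY["SW2"], 3: (30, "PC3")},
}

def flood(topology, src_host):
    """Follow an untagged broadcast from src_host.

    Returns (hosts reached, [(switch, ingress port, VLAN assigned), ...]).
    """
    # Locate the access port the source host is plugged into.
    start = next((sw, port) for sw, ports in topology.items()
                 for port, (_, nbr) in ports.items() if nbr == src_host)
    reached, log, seen = set(), [], set()
    queue = deque([start])
    while queue:
        sw, in_port = queue.popleft()
        if (sw, in_port) in seen:
            continue  # already processed this ingress; avoids loops
        seen.add((sw, in_port))
        # Ingress: an untagged frame is classified into the port's access VLAN.
        vlan = topology[sw][in_port][0]
        log.append((sw, in_port, vlan))
        for out_port, (out_vlan, nbr) in topology[sw].items():
            if out_port == in_port or out_vlan != vlan:
                continue  # forwarding never leaves the local VLAN
            # Egress on an access port: sent untagged, so the VLAN ID is dropped.
            if isinstance(nbr, tuple):
                queue.append(nbr)   # next switch re-classifies from scratch
            else:
                reached.add(nbr)
    return reached, log

if __name__ == "__main__":
    for name, topo in (("post", TOPOLOGY), ("with PC3", TOPOLOGY_PC3)):
        hosts, hops = flood(topo, "PC1")
        print(name, sorted(hosts), hops)
```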

To further demonstrate the concept, I've added a third switch, SW3, and extended the topology further.  All ports in SW3 are assigned to VLAN3, and again all are configured as access ports.  As you can see, the pings work again.

To be fair, I had to reboot the hosts after making the change, but I'm writing it off as a glitch in GNS3 or VPC rather than the operation of switches.

Let's see how long we can keep this series going.  Let me know if you have a great question of the week.  It should be something that's a little outside of the box and requires some critical thinking, not just "What is the default priority of 802.1d spanning tree?"

Post Discussion Edit:

After posting this in the group, a number of good points were raised.  First, if you connect up the topology before configuring the switches, they may still form trunks in the case of switches that support DTP or similar.  This is why I specifically chose the GNS3 generic switches, but it's something to keep in mind as part of the thought exercise.  Second, it was asked if the PCs need to be on the same subnet.  I don't recall if the original question specified that or not, but that's an important caveat.

If you've made it this far and are still with me, congrats.  You've passed the first portion of the interview!

