
RE: [LinkSec] EPON material




(I accidentally sent this email to Mick only. I am resending it now to the linksec reflector. I made some improvements, though, so this is no longer the same message.)
Mick,
L2 bridges forget MAC addresses quicker than L3 routers forget IP addresses. Therefore, it is a wise idea for the ARP cache to forget the IP address/Ethernet address binding even quicker and to send ARP requests relatively often. Thus, broadcasting of unicast L3 packets to everybody in the L2 domain can be avoided. In that sense L3, or actually L2.5, helps bridges learn the L2 topology. In principle, a unicast UDP over IP transmission could continue for a long time as broadcast at L2 if an ARP message did not come first.
Antti 



> -----Original Message-----
> From: ext Mick Seaman [mailto:mick_seaman@ieee.org]
> Sent: 22 August, 2003 22:24
> To: Pietilainen Antti (NRC/Helsinki); stds-802-linksec@ieee.org
> Subject: RE: [LinkSec] EPON material
> 
> 
> Antti, if the following is happening to you as you suggest
> 
> "Furthermore, at least in current 802 systems the upper layer 
> is constantly required to mess with L2 by initiating ARP 
> requests to make L2 memorize its topology. Since bridging is 
> so dependent on ARP requests, one could argue that the 
> "bridging and security" box in page iii of romanow_1_0703.pdf 
> is near L3."
> 
> you need to change your bridge vendor. The ARP requests sent 
> should be purely those required by L3 to do its job, L2 
> learns from the source addresses of all frames in a 
> conversation, so once a conversation starts (i.e. L3 has 
> figured out the MAC address it needs to talk to using ARP 
> (for an end station)) L2 will learn. Even if it fails to learn 
> from the ARP (temporary implementation problem perhaps) it will learn.
> 
> Mick
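As an added illustration of the two positions in this thread (not code from either poster), the following constructed Python simulation models Antti's one-way UDP case: a learning bridge with a MAC-table aging time, a sender whose ARP cache times out, and a receiver that only transmits when it answers ARP. Host names, port numbers and the timer values are assumed; the defender's interest is in how many unicast frames end up flooded to every port, where any other station can read them.

```python
"""Constructed simulation: bridge MAC-table aging vs. sender ARP cache timeout.
Not code from the thread; all names, ports and timers are assumed values."""
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Bridge:
    aging: float                               # seconds before a learned entry is dropped
    table: dict = field(default_factory=dict)  # mac -> (port, time last seen as source)

    def forward(self, now, in_port, src, dst):
        """Learn src on in_port (as Mick describes); return 'unicast' or 'flood'."""
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if dst != BROADCAST and entry and now - entry[1] < self.aging:
            return "unicast"
        return "flood"               # unknown or aged-out destination: sent to all ports


def simulate(duration, arp_timeout, bridge_aging, interval=1.0):
    """Host A (port 1) sends one UDP datagram to host B (port 2) every `interval`
    seconds.  B never sends on its own, so the bridge only re-learns B's port when
    A's ARP cache expires and B answers the ARP request (Antti's one-way case).
    Returns (flooded_frames, total_frames)."""
    bridge = Bridge(bridge_aging)
    arp_cache_expiry = -1.0          # A has no cached binding for B at the start
    flooded = total = 0
    t = 0.0
    while t < duration:
        if t >= arp_cache_expiry:
            # A broadcasts an ARP request; B replies, so the bridge learns B's port
            bridge.forward(t, in_port=1, src="A", dst=BROADCAST)
            bridge.forward(t, in_port=2, src="B", dst="A")
            arp_cache_expiry = t + arp_timeout
        total += 1
        if bridge.forward(t, in_port=1, src="A", dst="B") == "flood":
            flooded += 1
        t += interval
    return flooded, total
```

With an ARP timeout shorter than the bridge aging time, `simulate(1200, 60, 300)` floods nothing; with the timeout longer than the aging time, `simulate(1200, 1200, 300)` floods 900 of the 1200 datagrams, which is the exposure Antti's shorter ARP cache lifetime bounds.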