Unicast Flooding

This is for me a new concept I don’t have any see anymore. I only imagine inter-vlan routing by L3 switch or router on a stick.

But you can make this kind of architecture :

In this case : as the request is originated from S1 (who has RA as gateway) to S2.

  • RA acts as router : MAC src = RA ; MAC dsst = S2 in vlan 2

Return :

  • S2 sends to his gateway which this time is RB
  • RB sends packet tthrough SB which has not MAC address of S1 in his CAM for vlan 1
  • So it acts in normal way : IT FLOODS !


You can have other ways where you can see unicast flooding :

  • Spanning-Tree TCN changes
  • Forwarding CAM table overflow

You can protect your LAN by using ‘Unicast Flooding protection’

From 12.1(14)E version it is implemented : ‘unicast flood protection

To check : ‘sh mac-address-table unicast-flood‘.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.