Difficulty: Easy
Correct Answer: Floods the frame out all ports in the same VLAN except the incoming port
Explanation:
Introduction / Context:
Ethernet switches use MAC address tables, also called forward or filter tables, to decide where to send frames. When the destination MAC address is known, the switch can forward the frame out a single port. However, when the destination MAC address is not yet in the table, the switch must still attempt to deliver the frame. Understanding how a switch behaves in this unknown destination scenario is fundamental to learning switching and VLAN behavior and is a frequent topic in Cisco certification questions.
Given Data / Assumptions:
Concept / Approach:
Switches operate as learning bridges. They learn source MAC addresses by associating each source address with the port on which a frame is received and storing this mapping in the MAC address table. When a frame arrives and the destination MAC address is unknown, the switch cannot yet make a specific forwarding decision. Instead, it performs a controlled flood: it sends the frame out all other ports in the same VLAN, except the port on which the frame was received. This is different from blindly broadcasting everything because the flooding is constrained to the relevant VLAN. Eventually, when the destination device replies, the switch learns that host's MAC address, and future traffic can be unicast directly.
Step-by-Step Solution:
1. The switch receives a frame on a given interface and examines the source MAC address.
2. It learns the source MAC address by mapping it to the incoming port in the MAC address table.
3. Next, it looks up the destination MAC address in the MAC address table.
4. Because the destination address is not present, the switch cannot forward the frame to a specific port.
5. According to standard Ethernet switching behavior, the switch floods the frame out all other ports in the same VLAN to try to reach the unknown destination.
6. When the destination device responds, the switch learns its MAC address and will use unicast forwarding for future traffic.
Verification / Alternative check:
You can cross check this behavior by recalling that switches always flood unknown unicast frames and broadcast frames. If the destination were a broadcast address, you would expect flooding, and for an unknown unicast destination, the behavior is the same. The other answer choices mention dropping the frame or sending special queries, but that would break normal Ethernet functionality. Network analyzers like Wireshark connected to multiple switch ports would show the same unknown unicast frame appearing on many ports, confirming the flooding behavior.
Why Other Options Are Wrong:
Option a: Forwarding only to the first available uplink port is not how standard switching works and would lead to unpredictable delivery.
Option b: Dropping the frame would prevent communication when a device is first connected and its MAC address is not yet in the table.
Option d: Switches do not send name resolution queries back to the source host when a MAC address is unknown; they simply flood the frame.
Option e: Queuing the frame until the MAC table is manually updated is not standard behavior and would cause significant delays or failures in communication.
Common Pitfalls:
A common misunderstanding is confusing switch behavior with router or DNS behavior. Routers may need additional routing information or ARP resolution, but switches simply learn MAC addresses and forward frames. Another pitfall is assuming that unknown destinations always cause broadcast storms. In reality, controlled flooding is normal, but if there are switching loops in the network without Spanning Tree Protocol, that flooding can be amplified into a broadcast storm. Remember that unknown unicast flooding is a normal and necessary mechanism, whereas endless circulation of frames is a separate loop issue.
Final Answer:
When the destination MAC address is unknown, the switch floods the frame out all ports in the same VLAN except the incoming port.
Discussion & Comments