I am confused by your explaination of broadcasts on p. 100 of the 640-802 book. I thought that I understood broadcasts, but then was confused after reading that.

You define the following:
Layer 2 Broadcasts - These are sent to all nodes on a LAN.
Broadcasts (Layer 3) - These are sent to all nodes on the network.

You then go on to say that layer 2 broadcasts do not go past the LAN boundary (router). Layer 3 broadcasts reach all hosts on a broadcast domain.

Now my question. Routers breakup broadcast domains, Correct? Isn't that really the same thing? Are you using the words "LAN", "network", and "broadcast domain" interchangeably? It sounds to me that both layer 2 and layer 3 broadcasts both stop at the router, the only difference being that one is logical, the other physical. Am I corerct? Where do layer 2 and layer 3 broadcasts stop? Can you please explain?

Here's an easy way to think about it:
Layer 2 broadcasts are hardware broadcasts. They use a MAC address to broadcast. Switches are layer 2 devices, which use MAC addresses to forward frames to hosts connected to them. Broadcasts that are sent at layer 2 won't leave a LAN that is contained by a switch (or switches if we're looking at VTP), so they will remain local to the network.
Layer 3 broadcasts are IP broadcasts, using an IP address as a broadcast address. These broadcasts are sent across not only switches, using ARP, but also through all routers that are connected to the switches, since routers are a layer 3 routing device.

This is my understanding of how the broadcasts work.

If a router breaks up broadcast domains, then how does a layer 3 broadcast go through the router to all connected networks? It sounds as though both stop at the router, but different terminology is being used at layer 2 and layer 3.

I agree with you. The explanation is not clear.
I can't figure out how the two broadcasts are worked out by the "network".
I understand the different level of operation (layer 2 broadcast is at "hardware" level, while layer 3 is at logical, i.e. IP) but I'm really confused. I can't imagine how can I have the same network composed of different segments and connected by router (the only situation I can imagine where a Layer 3 broadcast passes a router).
Also, I have some doubt about 255.255.255.255 broadcast address.
On page 93 it is defined as "all networks, all nodes", then in table 2.4 (page 96) as "all nodes on the current network", and again on page 100 as "all networks, all nodes".
What I've found is that, according to RFC standards (919, 922 and 1812) the second definition is correct (all nodes on the current network, or local hardware network) and this kind of broadcast must not be forwarded by routers.

I think some more examples are needed, starting with something very basic.

yeah i understand it in a way but m confused as well, so probably will be good if someone clearly explains this

thanks

Now my question. Routers breakup broadcast domains, Correct? Isn't that really the same thing? Are you using the words "LAN", "network", and "broadcast domain" interchangeably? It sounds to me that both layer 2 and layer 3 broadcasts both stop at the router, the only difference being that one is logical, the other physical. Am I corerct? Where do layer 2 and layer 3 broadcasts stop? Can you please explain?

Every network interface card examines every frame which passes it - it runs a CRC check and if the frame isn't corrupt, it then looks in the header of the frame at the MAC address. If the MAC address is the same as the one burned onto the NIC, the frame is un-encapsulated and the IP address in the packet header is examined - and on up the stack it goes.

Switches never unencapsulate a frame - they just look at the MAC address and send the frame out the port that it needs to go (according to the MAC table it has built by looking at the source MAC address in frame headers). So switches break up layer 2 broadcast domains - which is nice since that way I can plug my computer's NIC into a switch and I only have to run CRC checks on frames that are addressed to me. The switch won't send any frames onto my segment of the LAN that don't have my MAC address.

A router takes any frame that passed its NIC, runs a CRC check and if the MAC address in the frame's header matches the address burned into the NIC, it unencapsulates it and looks at the IP address in the packet header. But let's say the frame is a layer 2 broadcast (FFFF.FFFF.FFFF) - what does the router do with it? It unencapsulates it and looks at the IP address - and depending upon what the IP address is, it either routes it or drops it. What a router doesn't do is just forward the layer 2 broadcast frame on without making a decision about the data packet based on the IP address. This is different than what a switch does - it just looks at the FFFF.FFFF.FFFF and floods the frame out every available port.

So switches don't break up Layer 2 broadcast domains (and switches don't even know that Layer 3 exists). Routers do break up Layer 2 broadcast domains because they look at the IP address contained in the packet header encapsulated in the frame and make a decision what to do.

And routers don't break up Layer 3 broadcast domains - a packet addressed to 172.16.255.255 gets broadcast to all hosts on the 172.16.0.0 network. A packet addressed to 255.255.255.255 gets broadcast to all hosts on all networks.

hope that helps...

I agree with you. The explanation is not clear.
I can't figure out how the two broadcasts are worked out by the "network".
I understand the different level of operation (layer 2 broadcast is at "hardware" level, while layer 3 is at logical, i.e. IP) but I'm really confused. I can't imagine how can I have the same network composed of different segments and connected by router (the only situation I can imagine where a Layer 3 broadcast passes a router).
Also, I have some doubt about 255.255.255.255 broadcast address.
On page 93 it is defined as "all networks, all nodes", then in table 2.4 (page 96) as "all nodes on the current network", and again on page 100 as "all networks, all nodes".
What I've found is that, according to RFC standards (919, 922 and 1812) the second definition is correct (all nodes on the current network, or local hardware network) and this kind of broadcast must not be forwarded by routers.

I think some more examples are needed, starting with something very basic.

255.255.255.255 represents "all networks, all nodes" but routers do not route it to "all networks, all nodes". Routers only send 255.255.255.255 to all nodes on the the network from which the 255.255.255.255 broadcast was sent. If I send out a 255.255.255.255 broadcast it's the equivalent to saying, "I don't know what network I'm on (so I'm using all binary 1's for the network address even though I don't know how many octets long the network address is) but I want everyone on this network to listen up."

If I already knew what network I was on, say 172.16.0.0, I would instead send a directed broadcast to 172.16.255.255 which is saying, "Hey everyone on Class B network 172.16.0.0, listen up!"

That helps a bit. Thanks for clearing up the fog for us :)

Every network interface card examines every frame which passes it - it runs a CRC check and if the frame isn't corrupt, it then looks in the header of the frame at the MAC address. If the MAC address is the same as the one burned onto the NIC, the frame is un-encapsulated and the IP address in the packet header is examined - and on up the stack it goes.

Switches never unencapsulate a frame - they just look at the MAC address and send the frame out the port that it needs to go (according to the MAC table it has built by looking at the source MAC address in frame headers). So switches break up layer 2 broadcast domains - which is nice since that way I can plug my computer's NIC into a switch and I only have to run CRC checks on frames that are addressed to me. The switch won't send any frames onto my segment of the LAN that don't have my MAC address.

A router takes any frame that passed its NIC, runs a CRC check and if the MAC address in the frame's header matches the address burned into the NIC, it unencapsulates it and looks at the IP address in the packet header. But let's say the frame is a layer 2 broadcast (FFFF.FFFF.FFFF) - what does the router do with it? It unencapsulates it and looks at the IP address - and depending upon what the IP address is, it either routes it or drops it. What a router doesn't do is just forward the layer 2 broadcast frame on without making a decision about the data packet based on the IP address. This is different than what a switch does - it just looks at the FFFF.FFFF.FFFF and floods the frame out every available port.

So switches don't break up Layer 2 broadcast domains (and switches don't even know that Layer 3 exists). Routers do break up Layer 2 broadcast domains because they look at the IP address contained in the packet header encapsulated in the frame and make a decision what to do.

And routers don't break up Layer 3 broadcast domains - a packet addressed to 172.16.255.255 gets broadcast to all hosts on the 172.16.0.0 network. A packet addressed to 255.255.255.255 gets broadcast to all hosts on all networks.

hope that helps...
:confused:

I agree with you. The explanation is not clear.
I can't figure out how the two broadcasts are worked out by the "network".
I understand the different level of operation (layer 2 broadcast is at "hardware" level, while layer 3 is at logical, i.e. IP) but I'm really confused. I can't imagine how can I have the same network composed of different segments and connected by router (the only situation I can imagine where a Layer 3 broadcast passes a router).
Also, I have some doubt about 255.255.255.255 broadcast address.
On page 93 it is defined as "all networks, all nodes", then in table 2.4 (page 96) as "all nodes on the current network", and again on page 100 as "all networks, all nodes".
What I've found is that, according to RFC standards (919, 922 and 1812) the second definition is correct (all nodes on the current network, or local hardware network) and this kind of broadcast must not be forwarded by routers.

I think some more examples are needed, starting with something very basic.


This book does not explain well what broadcast is and how is handled over different layers. It only confused me even more on page 149 "The IP addresses that will be forwarded are 192.168.144.1 through 192.168.159.255. (Yes, the broadcast address is forwarded.)"

I challenge author to reply.

I am confused by your explaination of broadcasts on p. 100 of the 640-802 book. I thought that I understood broadcasts, but then was confused after reading that.

You define the following:
Layer 2 Broadcasts - These are sent to all nodes on a LAN.
Broadcasts (Layer 3) - These are sent to all nodes on the network.

You then go on to say that layer 2 broadcasts do not go past the LAN boundary (router). Layer 3 broadcasts reach all hosts on a broadcast domain.

Now my question. Routers breakup broadcast domains, Correct? Isn't that really the same thing? Are you using the words "LAN", "network", and "broadcast domain" interchangeably? It sounds to me that both layer 2 and layer 3 broadcasts both stop at the router, the only difference being that one is logical, the other physical. Am I corerct? Where do layer 2 and layer 3 broadcasts stop? Can you please explain?

Routers DO NOT forward broadcasts. Yes both L2 and L3 broadcast stop at the router.

On an ethernet segment L2 address are used to send the frames from device to device NOT L3 ip address. L3 is used when the desitination is not on the local link. When you need to send data to some one your system will look at the IP and determine if the destination on the local link or not. IF it is, it will use ARP to find the mac address. If it is not on the local link if will use arp to find the mac address of the gateway interface of the router that the link is attached to. It then send the frame using L2 addressing to either the destination or the gateway.

As you can see L2 and L3 work together. When a L3 protocal needs to send a broadcast, it will use a L3 broadcast address and a L2 broadcast address when it hands off the packet to the datalink layer.

I need say something about broadcasts. Broadcast rarely have any meaning to hosts that are not on the local subnet.

For example in my previous post I mention ARP. The packet is router by layer 3 to the subnet where the destination is. This is where L3 stops and L2 begins. Now that it has found the subnet, it needs to send a broadcast only on that subnet to find the mac of the destination.

L3 protocols that need to send a broadcast will result in L2 sending a broacast on the local subnet because because L2 address is used on the local subnet. So, you will have both L3 and L2 broacasts at the same time.

There are L2 protocols that need to send broacasts will not usually generate a L3 broadcast.

Remember how data is encapsulated going down the osi model on the sending side and up the model on the receiving side.