it is my understanding that nodes are not aware of the mac address of other nodes they want to communicate with, when a frame is created to communicate node A with node B, the destination mac address field would be empty, to avoid that, ARP comes into play, Ethernet can "peek" into the ip packet in the payload to look at the IP address of node B and ask "who has this IP address" as a broadcast in the LAN, if node B is in the lan, it will be reply and the mac address will then be know as well as the interface to which node B is connected (Mac address and ARP tables updated). If there is no response, the frame will be addressed to the mac address of the gateway to start its journey to the final destination in another network. When re-reading the CCNA book, it indicates that unknow unicasts are flooded to all interfaces and when one replies then the switch knows the interface to which that mac address is connected, which makes sense if I know the mac address of a destination and the entry is not yet in the mac address table of the switch. While I understand that "flooding" process, it conflicts with the statement that nodes know the IP address of other nodes but not their mac address. Are there circumstances in which nodes know mac addresses of other nodes or is ARP always needed to gather that info inthe ARP table?
ARP and Flooding – Understanding the Process
arpfloodip addressmac address
Best Answer
Not exactly.
Before the IP stack passes the packet to the NIC for transport, it needs to learn the next-hop's MAC address by using ARP (IPv4) or NDP (IPv6). Once it knows the address it can pass the packet as payload to the NIC along with the destination's MAC and have it encapsulated and transmitted.
The NIC (Ethernet's data link and physical layer) doesn't care what payload it transports and it certainly doesn't need to peek anywhere. It's the upper network layer's responsibility to provide that destination MAC along with the payload data. (This isn't really true for modern NICs any more that often support offloading functions, but let's ignore that for now.)
Flooding an unknown MAC is an entirely different process in a switch that is used to mimic a repeater/bus when the destination MAC is unknown to the switch. Of course, using ARP also populates any switch's MAC table, so you might say there's some relation.
MAC addresses are only learned through ARP or NDP. Of course, a previously used address stays in the ARP cache for a short period.