A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers.
B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers.
C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets.
D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table.
Causes of Flooding
The very cause of flooding is that destination MAC address of the packet is not in the L2
forwarding table of the switch. In this case the packet will be flooded out of all forwarding
ports in its VLAN (except the port it was received on). Below case studies display most
common reasons for destination MAC address not being known to the switch.
Cause 1: Asymmetric Routing
Large amounts of flooded traffic might saturate low-bandwidth links causing network
performance issues or complete connectivity outage to devices connected across such
Cause 2: Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology
Change Notification (TCN). TCN is designed to correct forwarding tables after the
forwarding topology has changed. This is necessary to avoid a connectivity outage, as after
a topology change some destinations previously accessible via particular ports might
become accessible via different ports. TCN operates by shortening the forwarding table
aging time, such that if the address is not relearned, it will age out and flooding will occur
Cause 3: Forwarding Table Overflow
Another possible cause of flooding can be overflow of the switch forwarding table. In this
case, new addresses cannot be learned and packets destined to such addresses are
flooded until some space becomes available in the forwarding table. New addresses will
then be learned. This is possible but rare, since most modern switches have large enough
forwarding tables to accommodate MAC addresses for most designs.