MAC address are similar result in similar ip address

[Nokia]

Originally posted here by Tiger Shark
The MAC address has to be unique on the local network. ......Thus if you change the MAC address of Laptop B to match that of Laptop A the router will only send packets to the last known MAC address because it registers the MAC address to a given port on itself.

TS??????

Routers do not send packets via MAC address or even care about MAC address - the forward them out on an interface using its IP address - and not the IP of the host, only the network portion of the IP - they deal with networks and don't care about hosts.

so a packet destined for 192.168.2.1/24 will go out of the interface that has the 192.168.2.0 network attached to it - at no time is the MAC looked at.
When it gets out of the interface it will come to a switch - then the MAC address is looked at - the next time the IP is used is when it gets to the host and is double checked to by the host to ensure that the packet is indeed for that host.

[ZT3000]

Originally posted here by Tiger Shark
The MAC address has to be unique on the local network. It is the address that computers, routers, switches etc. use to communicate locally, (The IP address is not really used locally). Thus if you change the MAC address of Laptop B to match that of Laptop A the router will only send packets to the last known MAC address because it registers the MAC address to a given port on itself.

Nokia,

Obviously TS knows his stuff, we all know that!

Just change the mistyped word "router" to "switch". EZ.

Nokia wrote: .....or even care about MAC address

Oh yeah?
Prove that statement.

(have fun trying).

[Nokia]

Well, if you can manage to extract your head out of TS's arse for a brief moment maybe you can mosey on over to CISCO and take a look at what happens to a frame when it is sent to one interface on a router and out of another one - on a normal network, since we are not talking VLANS and ACL's here.

And then inset head back in to TS's arse before you get confused and lonley.

[ZT3000]

Originally posted here by Nokia
Well, if you can manage to extract your head out of TS's arse for a brief moment maybe you can mosey on over to CISCO and take a look at what happens to a frame when it is sent to one interface on a router and out of another one - on a normal network, since we are not talking VLANS and ACL's here.

And then inset head back in to TS's arse before you get confused and lonley.

What?? No smiley



Don't need to mosey anywhere dude.

Routers use MAC's on DHCP and even have a MAC ID on both WLAN interface and LAN interface. Some ISP's check the MAC address and won't allow connection unless the router has the right address.

(Edit: I'll give the readers three guesses who negged this post and the first two guesses don't count.)

[Nokia]

nd even have a MAC ID on both WLAN interface and LAN interface.

Routers have a MAC ID on every interface otherwise it would not receive any frames but how does that fit in to how a router takes a packet from on internetwork and send it out on to another, which is what we are talking about?

I'll answer for you - It doesnt.

Other devices need to know the MAC of the router to send packets to it - but like I said, a router does not need to know the destination MAC of the packet it is routing - only the IP of it.

[ZT3000]

I'm sorry if I was wrong.

Originally posted here by Tiger Shark:
The MAC address has to be unique on the local network. It is the address that computers, routers, switches etc. use to communicate locally,

This is the discussion I was referring to and of which you quoted.
A local network.

[Tiger Shark]

Oh Girls... I did and I didn't mistype router in this situation... I was thinking a home Cable/DSL "router"/firewall which is a switch too... It was mistyped but it wasn't.

However, in a PM to the OP I did start woffling on about _routers_ and have since corrected myself...

[zillah]

Thanks Nokia

as the name suggests if you duplicated a MAC on say port 1 and sent a frame out to another port the table will be updated with your spoofed MAC as being on port 1 - some switches will now delete the real MAC from its table and some will just leave it there.

This is with the scenario of AP which is connected wired to a switch and since PCs accessing AP wirelessly. Then a switch holds in its CAM table different MACs with the same port.

More than one MAC can be assosiated with a port.
A wireless AP is infact a hub, so say you had 4 hosts on the AP and the AP was wired in to port 1 on the switch, the switch would have 4 MACs assosiated with the port

Second scenarion, If I have got two or three PCs connected wired directly to a switch (no AP), then I will get dublicate MAC addresses on different ports (not same port),,,,this is what I meant by

Suppose (my real sceanrio not like this ) I have got laptop A with IP address 10.70.72.93/24 , and MAC is 00-91-4C-2A-2B-2C connected wired to port 10,,,,,,

Since you explained the porcess of 'last packet updates' for a duplicate MAC on same port (thanks) , How does 'last packet updates' behave with a duplicate MAC on different ports (not same port) ?

when it parses its table now, as soon as it comes across the relevant MAC it will stop parsing and send the frame.

It is similar to ACL it starts checking from the top of a list as long as it finds match , it does not go further

30 secs is the default

What i found in cisco curriculum it is 300 sec

More than one MAC can be assosiated with a port.
A wireless AP is infact a hub, so say you had 4 hosts on the AP and the AP was wired in to port 1 on the switch, the switch would have 4 MACs assosiated with the port - it would just send the frame out of the port, the frame would reach the hub and obviously go out to all hosts

.
As you know that an AP has MAC address, why does the switch not include the AP's MAC within its CAM table, shouldn't be 5 MACs instead of 4 MACs ?

[Nokia]

Second scenarion, If I have got two or three PCs connected wired directly to a switch (no AP), then I will get dublicate MAC addresses on different ports (not same port),,,,this is what I meant by

Suppose (my real sceanrio not like this ) I have got laptop A with IP address 10.70.72.93/24 , and MAC is 00-91-4C-2A-2B-2C connected wired to port 10,,,,,,

Since you explained the porcess of 'last packet updates' for a duplicate MAC on same port (thanks) , How does 'last packet updates' behave with a duplicate MAC on different ports (not same port) ?

Sorry mate maybe I didnt explain it well, if a switch is using 'last packet updates' for it's update process it will use it across all ports, depending on how the switch is configured it will either:

Associate the MAC with the new port and do nothing else
Associate the MAC with the new port and delete the original entry
Stop the new MAC from binding with a port and either lock the port out completley or lock the MAC ouit completley.

A lot of it depends on the make/model and configuration of the switch. Usually in the older switches running last packet updates - say you have the mac address of A1 attachetd to port 2 - you now spoof your MAC to also be A1 and attach it to port 5. When you send a frame through the switch yours will be the last packet to update that switch of what port the MAC of A1 is connected to - so the switch (depending on config) will delete the first entry, (presuming the actual host as been moved) and associate you with A1 - until the other host sends a packet then the same process will happen to you.

Since you explained the porcess of 'last packet updates' for a duplicate MAC on same port

This is not what I was getting at - if you have a think about that statement you will realise it doesn't make total sense. How can you have a duplicate MAC on the same port, as far as the switch will concerned there will be one host with that MAC attached to the port, it has no way of knowing there are two hosts with the same MAC - It will still be the one entry for the MAC address.

30 secs is the default

What i found in cisco curriculum it is 300 sec

Ooops sorry, typo - OP edited - 5 mins is the default.

More than one MAC can be assosiated with a port.
A wireless AP is infact a hub, so say you had 4 hosts on the AP and the AP was wired in to port 1 on the switch, the switch would have 4 MACs assosiated with the port - it would just send the frame out of the port, the frame would reach the hub and obviously go out to all hosts
.
As you know that an AP has MAC address, why does the switch not include the AP's MAC within its CAM table, shouldn't be 5 MACs instead of 4 MACs ?

This depends - if you think about the learning process of a switch - a MAC is only added to the filter table once a frame has either been sent or received from the host - if the only hosts to send or receive traffic are the four hosts attached to the AP then only these four MACs will be entered on the table - once the the actual AP sends or receives a frame then this MAC will also be added to the table.

[zillah]

Thanks Nokia

This is not what I was getting at - if you have a think about that statement you will realise it doesn't make total sense. How can you have a duplicate MAC on the same port,

Yes you are right. My understanding to the below quoted statement was (mistakenly ) duplicate MAC on the same port

as the name suggests if you duplicated a MAC on say port 1

one host with that MAC attached to the port, it has no way of knowing there are two hosts with the same MAC - It will still be the one entry for the MAC address.

Yes you are right. But we can have different MAC addresses mapped with the same port number in case if the PCs are connected to a hub and that hub is connected to a switch