Duplicate MAC on the same Network

learnsec · ‎05-04-2012

hello ,

if i have a swx 6500 as core swx and multiple ciso edge swx,

connecting two different servers with the same MAC address but with different IP addresses will affect any of the server fuctionality?

and will i have any errors?

LANIDSM will fire any log?

is there any problem connecting these two servers to my network?

BR,

Sergey Fer · ‎05-04-2012

If you want these servers to be in one VLAN you definitely will have troubles. Switches create CAM tables based on source MACs. So if one server generates frame - all switches will update their CAMs. Then another server will send something - all or some of switches will update their CAMs again... And again, again, again. Firstly, switches will detect the MAC-address flapping. Secondly - traffic will not neccessarily come to the right server. Traffic will always be directed to that server which generated frame last.

If servers will be in different broadcast domains (different VLANs) - it will be OK.

learnsec · ‎05-04-2012

if i will place each server on a separate VLAN is it confirmed that i won't face any trouble?

and relating to the IPS sensing interface will i have any fired alarm?

very appreciated

Giuseppe Larosa · ‎05-04-2012

Hello Learnsec0,

if the two servers are in different Vlans L2 broadcast domains, from a networking point of view it works as TCAM tables are based on Vlan-id, MAC address and port.

I'm not able to tell about the IDS, However most of multilayer switches use a single MAC address as source for all the SVIs (interface vlan X at OSI layer 3) so I would expect the IDS to stay quiet if the duplicate MAC address is seen in different VLANs as this does not create ambiguity.

Hope to help

Giuseppe

hobbe · ‎05-04-2012

Hi

I have had the "pleasure" of getting several network cards with the same mac address.

I would state that it is just blatantly reckless to do that.

the switches and IDS should be just fine, but if the machines ever would be in the same network (such as in a faliure in the network or just plain old misconfiguration) you will have problems with connections shutting down or going to the wrong place and of course mac address flapping in the switches.

This is just a bad thing when you can solve this quite easily with changing the MAC address of the server to one that does not exist in any of the networks.

the macaddress is changeable so you can just set another.

Good luck

HTH

jimmysands73_2 · ‎05-04-2012

I am curious now, how is this possible...meaning NICs with the same MAC address...is this an manf error?

hobbe · ‎05-06-2012

Actually the explanation that I got was that they made 2 of each mac address then they where sent to different parts of the world so they should never meet.

Somehow we got a batch of 20 of them all with the same mac address.

we never got a good reply on how that was able to happen.

there where som quite interesting results when we set them all up.

luckily today it would not have mattered since all you have to do is set another mac address with software.

At that time it was not possible to change mac address easily.

Good luck

HTH

fb_webuser · ‎05-04-2012

We featured your question on our page. You can check our the responses here. http://www.facebook.com/CiscoSupportCommunity/posts/167454423381608

---

Posted by WebUser Cisco NetPro from Cisco Support Community App

fb_webuser · ‎05-05-2012

the switches only knows Mac, With in the same n/w Mac address thrashing will happen, inconsistency in CAM table.

---

Posted by WebUser Baburao Siripurapu from Cisco Support Community App

learnsec · ‎06-16-2012

what do you mean by same n/w?

is it same vlan?

so having same mac -address for two different pcs but where each PC is in a vlan will not make any problem on any switching level (cam table or other) on my network!?