When HSRP is configured, as soon as the Active switch / its link goes down, the active MAC is taken over by the Standby switch. I hope I am correct.
During this transition period, the MAC address of Switch-A will be learnt on the Fa0/1 port of Switch-C. When Switch-A is down, the MAC address is moved to Switch-B. But the MAC address table of Switch-C still points to Fa0/1. Only after the aging will it be moved to Fa0/2, where Switch-B is connected.
I hope I understood the concept in the right way. How does this actually work?
While getting this concept, I suddenly had another thought; perhaps it is very basic.
What will happen if Host-A with MAC 00:00:00:00:00:01 is connected on Fa0/1, and Host-B (attacker) connects his laptop configured with the same MAC on Fa0/2 and sends a gratuitous ARP? I know it may result in a duplicate error message. But will it erase the CAM entry of Fa0/1, and will Host-B's MAC be entered?
Yes, the last overrides. If this happens multiple times, error messages about too many moves of MAC xx or MAC address flapping between ports Y and Z appear.
Most MAC attacks are done to fill the CAM table with a brute force attack:
frames with random source MAC addresses are sent in an attempt to fill the CAM.
If the CAM is full, the switch will behave like a hub and the attacker can perform man-in-the-middle attacks.
Port security can protect from this type of attack.
Then, there are more intelligent attacks that use gratuitous ARP to set up a man-in-the-middle scenario. To protect from this type of attack, DAI (Dynamic ARP Inspection) with other features like IP Source Guard and DHCP snooping can be used.
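
The learning behaviour described in the answer above, as an added example that is not part of the original thread: a simplified Python model of a switch MAC table with last-frame-wins learning, aging, flap alerts and an optional per-port MAC limit standing in for port security. The class, its parameters, the alert strings and the frames in `demo` are constructed for illustration and are not Cisco's implementation.

```python
from collections import defaultdict

class MacTable:
    """Simplified model of switch MAC learning (constructed; not vendor code)."""

    def __init__(self, capacity=1024, aging=300, port_max=None, flap_limit=3):
        self.capacity, self.aging = capacity, aging
        self.port_max = port_max        # per-port MAC limit; None = port security off
        self.flap_limit = flap_limit    # port moves of one MAC before a flap alert
        self.entries = {}               # mac -> (port, last_seen)
        self.moves, self.alerts = defaultdict(int), []

    def _expire(self, now):
        self.entries = {m: e for m, e in self.entries.items() if now - e[1] <= self.aging}

    def learn(self, mac, port, now):
        """Handle a frame's source MAC. Returns False if the frame is dropped."""
        self._expire(now)
        old = self.entries.get(mac)
        if old is None or old[0] != port:
            if self.port_max is not None:
                used = sum(1 for p, _ in self.entries.values() if p == port)
                if old is not None or used >= self.port_max:
                    self.alerts.append(f"security violation: {mac} on {port}")
                    return False        # the entry on the original port is kept
            if old is not None:         # same MAC seen on a different port: a move
                self.moves[mac] += 1
                if self.moves[mac] >= self.flap_limit:
                    self.alerts.append(f"{mac} flapping between {old[0]} and {port}")
            elif len(self.entries) >= self.capacity:
                return True             # table full: frame forwarded, MAC not learned
        self.entries[mac] = (port, now)
        return True

    def egress(self, dst_mac, now):
        """Port a frame to dst_mac leaves on, or 'flood' if the MAC is unknown."""
        self._expire(now)
        entry = self.entries.get(dst_mac)
        return entry[0] if entry else "flood"

def demo(port_max):
    """Host-A on Fa0/1; the same MAC then alternates with Fa0/2 (constructed frames)."""
    sw = MacTable(port_max=port_max)
    mac = "00:00:00:00:00:01"
    sw.learn(mac, "Fa0/1", now=0)
    for t in range(1, 6):               # odd ticks arrive on Fa0/2, even on Fa0/1
        sw.learn(mac, "Fa0/2" if t % 2 else "Fa0/1", now=t)
    return sw.egress(mac, now=6), sw.alerts
```

`demo(None)` ends with the entry on Fa0/2 plus flap alerts, while `demo(1)` keeps the entry on Fa0/1 and records a violation for each frame seen on Fa0/2.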