I have a MAC address that sends out random ARP requests. I know the MAC address so I did 'show mac-address-table' to find the port(fa0/8). I found the port but the weird thing is that there are 2 MAC addresses listed for that port. I figured it was a bad NIC or software so I replaced the NIC. The MAC address then appeared on another port (fa0/5). Again, there was only one device connected on that interface but there were still 2 MAC addresses listed for that port in 'show mac-address-table.' For giggles I switched the NIC on that device then the ghost MAC address appeared on a different port(fa0/12) when I issued 'show mac-address-table' What in the world is going on? I am completely stumped as to why this MAC address won't go away.
it seems like if you have a virus and he is spreading you devices one after one,you know that there is a lot of tools that can saturate your cam table by randamely mac-addresses the purpose of such tools is make the mac-address-table full so the switch after that start flooding traffic to every port like a stupid hub, and this is what the tool is looking for at that stage he can start sniffing your network ;-)
soooo , clean out the device from thevirus if so, or just implement a simple layer 2 security by limiting the number of mac that may appear from a port to 1 and see again if it resolves, may be the port will go in errdisable if that mac try to appear!!!!
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...