Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Port Security and Duplicate IP's

I'm trying to track down the logic for this, any help would be appreciated.

For reference, Computer A is attached to Switch A, Computer B is attached to Switch B. Both computers have the same IP address assigned, one obtained through DHCP, the other erroneously statically set.

Port-securtiy is triggered on switch A because the maximum mac-count on the port had been reached. The mac-address that triggered this even belongs to Computer B attached to Switch B.

How did a computer attached to Switch B trigger a port-security event on Switch A based on a duplicate IP address?

Closests answer I have so far is based on gratuitous ARP that windows uses to detect duplicate IP addresses, but that doesn't not explain to me how a frame with the source mac-address of Computer B originated from Computer A's port.

Thanks in advance,

Craig

1 REPLY
Bronze

Re: Port Security and Duplicate IP's

Answered my own question, gratuitous ARP's are sent out by windows to detect if there is already a machine with that IP already on the network, it then sends out another gratuitous ARP with a spoofed mac-address of the original machines MAC to correct the ARP tables of any other devices that might have recieved the original g-ARP.

384
Views
0
Helpful
1
Replies