mac address filtering [7:72684]

[Skarphedinsson Arni V.]

Hi

I have some catalyst 2950 and 3550 switches, that I need to control the mac
addresses of the machines that are alowed to connect to the switches, i.e.
something similar to port security, but i dont want to configure it per
port, but rather for a whole switch or vlan, what would be the best way to
accomplish this ?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72684t=72684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: mac address filtering [7:72684]

[David Vital]

WELL  You can set port security by blade (module) to make it easier,
but if you want to be able to move from one port to another that's gonna be
tough.  I don't know of any 3rd party software that manages that but I
wouldn't be surprised if it was out there.An option you might want to
explore is setting up a MAC-access list.  The question really is how tight
you want security to be and what sort of trade off you are willing to accept
for the convenience.  You can even set up the MAC-access list and associate
traffic for a VLAN and what to do with that traffic.  But you are getting
back to a granular management that might make it easier to just set the
security by port again.  check out this page on Cisco's site.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1214ea1/3550cr/cli1.htm#23702

Good luck.  Let us know how you work it out.

David


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72692t=72684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: mac address filtering [7:72684]

[Nakul Malik]

use VMPS
-Nakul

Skarphedinsson Arni V.  wrote in message
news:[EMAIL PROTECTED]
 Hi

 I have some catalyst 2950 and 3550 switches, that I need to control the
mac
 addresses of the machines that are alowed to connect to the switches, i.e.
 something similar to port security, but i dont want to configure it per
 port, but rather for a whole switch or vlan, what would be the best way to
 accomplish this ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72698t=72684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: mac address filtering [7:72684]

[David j]

I know that the following is not MAC security based, but I think you are
looking for something like EAPOL Security. Here is a link
http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a008007f395.html

Skarphedinsson Arni V. wrote:
 
 Hi
 
 I have some catalyst 2950 and 3550 switches, that I need to
 control the mac addresses of the machines that are alowed to
 connect to the switches, i.e. something similar to port
 security, but i dont want to configure it per port, but rather
 for a whole switch or vlan, what would be the best way to
 accomplish this ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72714t=72684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: telnet with mac address [7:63440]

[[EMAIL PROTECTED]]

I remember that I have made a telnet sesion froma Cisco Aironet 340 (not
sure about the model). You CAN do it if you have the mac. My scenario
was that someone had changed the IP address and I made the telnet with
the mac address.

HTH,
Hamid

hanan  wrote in message
news:...
 Hello
 Could you help please?
 How I can telnet a bridge 350 with his MAC address not with IP address
  
 Thank you
  
 hanan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66043t=63440
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Multicas MAC address in a Cat 3524XL [7:64493]

[[EMAIL PROTECTED]]

Hello every body,
I'm trying to configure a static entry in the mac address table of a
cat3524XL trough the command

mac-address-table static 0100.5e28.68f2 FastEthernet0/6 FastEthernet0/1
FastEthernet0/2

but as you  can see it is a multicast MAC. When I try this command, I get a
error message, Any of you know way or how I can add this entry?

Thanks

Francisco Quiroz



mail2web - Check your email from the web at
http://mail2web.com/ .




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64493t=64493
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC address filtering [7:63463]

[szarek john]

Router(config)#access-list ?
  IP standard access list
   IP extended access list
 IPX SAP access list
 Extended 48-bit MAC address access list
 IPX summary address access list
 IP standard access list (expanded range)
   Protocol type-code access list
 IP extended access list (expanded range)
   DECnet access list
   XNS standard access list
   XNS extended access list
   Appletalk access list
   48-bit MAC address access list
   IPX standard access list
   IPX extended access list
  dynamic-extended  Extend the dynamic ACL abolute timer
  rate-limitSimple rate-limit specific access list
Router(config)#access-list 700 deny 1234.1234.1234 ..00ff
Router(config)#access-list 700 permit .. ..
Router(config)#int fa0/0
Router(config-if)#access-expression input smac(700)


Therefor the deny mac is obviously denying that first mac and then we're
permitting everything else
Keep in mind that MAc's are in hexadecimel and therefor the inverse mask
(ACL remember) is
..   which is kind of like going 255.255.255.255 (any) for an ip
access-list.

Don't fret about the access-expression.  That's the only way to apply
certain ACL's using
Boolean algebraic expression.  smac(700) being source-mac of using address
700.  You can also use dmac(700) being the destination.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63486t=63463
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: telnet with mac address [7:63440]

[hanan]

Thank you very much for your reply
But why I want to telnet because my problem is related to my first email
when I upgrade the bridge350 Cisco to the new firmware but I didn't get
answer for that email problem, so for that I need to telnet the bridge here
is a copy of my first email
The bridge had fixed ip address it didn't take ip address from dhcp, and it
is in the remote network

Hello

I tried today to upgrade our Cisco APs 350 and Cisco Bridges 350 to the new
Version firmware 12
AP 350 I upgrade it was ok but when I upgrade the bridge 350, I couldn't any
More access it from the web browser and this bridge dose association with
The other bridge but without ip address so I upgrade the second bridge and
It wasn't any problem with the upgrade with the second bridge but the
Problem still the same the first bridge associate with the second but
Without ip address I made test link to this bridge and the signal was 60%
And what I have in log is too many station BSS
I saw in Cisco web site and it was this error for bridge 340 and its mean
That the bridge can associate one client at a time
And of course I can't any more access the AP
Can you help what I must do exactly and what I must do also to prevent this?
Problem for the upgrade for the others bridges

hanan




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 11:02 PM
To: [EMAIL PROTECTED]
Subject: RE: telnet with mac address [7:63440]

hanan wrote:

 Hello
 Could you help please?
 How I can telnet a bridge 350 with his MAC address not with IP
 address

No. Telnet runs above TCP/IP. When you Telnet to something you tell your
Telnet software the IP address (or domain name) of the thing you are
Telnetting to. There's no workaround to this.

But, what problem are you really trying to solve? According to Cisco
documentation, the wireless bridge does have a default address of
192.168.200.1. You could Telnet to that.

However, if the bridge has succesfully gotten a new address from DHCP then
you can no longer use that address. If that is the case, then you can use
the IP Setup Utility (IPSU) to find the bridge's IP address. You may also
use IPSU to set the bridge's IP address.

The IPSU cannot query the bridge's IP address when the computer running IPSU
is on a different subnet than the bridge. If your bridge receives an IP
address from a DHCP server, you must install and run IPSU on a computer on
the same subnet as the bridge.

Priscilla



 Thank you

 hanan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63487t=63440
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

telnet with mac address [7:63440]

[hanan]

Hello
Could you help please?
How I can telnet a bridge 350 with his MAC address not with IP address
 
Thank you
 
hanan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63440t=63440
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: telnet with mac address [7:63440]

[Priscilla Oppenheimer]

hanan wrote:
 
 Hello
 Could you help please?
 How I can telnet a bridge 350 with his MAC address not with IP
 address

No. Telnet runs above TCP/IP. When you Telnet to something you tell your
Telnet software the IP address (or domain name) of the thing you are
Telnetting to. There's no workaround to this.

But, what problem are you really trying to solve? According to Cisco
documentation, the wireless bridge does have a default address of
192.168.200.1. You could Telnet to that.

However, if the bridge has succesfully gotten a new address from DHCP then
you can no longer use that address. If that is the case, then you can use
the IP Setup Utility (IPSU) to find the bridge's IP address. You may also
use IPSU to set the bridge's IP address.

The IPSU cannot query the bridge's IP address when the computer running IPSU
is on a different subnet than the bridge. If your bridge receives an IP
address from a DHCP server, you must install and run IPSU on a computer on
the same subnet as the bridge.

Priscilla


  
 Thank you
  
 hanan
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63445t=63440
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC address filtering [7:63463]

[Jarred Nicholls]

Do Cisco routers perform MAC Address/layer 2 filtering with their access
lists?  or only ip filtering? Thanks :-)

Jarred


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63463t=63463
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address [7:62251]

[s vermill]

Larry Letterman wrote:
 
 In most cases you will only re-write the source mac address
 when traversing
 across a L3 device. 

I don't think that's so.  A host will have an ARP cache entry for its
gateway.  That would be the destination MAC.  The source MAC would be that
of the sending host itself.  Using its own ARP cache, the gateway would
re-write both the source and destination MAC if the destination was, in
fact, directly attached to (or reachable via) another Ethernet interface. 
If not, and the packet needed to cross some serial WAN link, both MACs would
simply be stripped off.  Every L3 device strips off source and dest. MAC at
ingress.  Whether or not a new source and dest. MAC is encapsulated around
the IP packet depends on whether or not the destination is reachable via
another Ethernet interface.

 If you go across a layer 2 network, all
 the mac address's
 would typically be part of the same broadcast domain and not
 need to be changed.
 
 If you go across a T1 or Frame it will still be mapped to or
 have an assigned IP Address
 that constitutes a layer 3 hop and write its mac address in
 the frame.
 
 However if I am wrong here, Priscilla or Howard or Chuck
 will let me know...:)
 
 Larry Letterman
 Network Engineer
 Cisco Systems
 
 
 - Original Message -
 From: Cisco Newbie 
 To: 
 Sent: Friday, January 31, 2003 11:42 AM
 Subject: RE: MAC Address [7:62251]
 
 
  First, thanks for all that responded.  One clarification
 that I need address
  is the following:
 
  If I cross a L3 router and the outgoing interface is
 something other than
  Ethernet, will the L2 frame show a new MAC address?  In
 other words, if my
  outgoing interface is say T1 PPP or even a dial-up, should
 I be seeing a new
  MAC address?
 
  Is it only when I cross a L3 device AND my outgoing
 interface is a share
  medium like Ethernet that a new MAC address will be placed
 on the frame?
 
  Thanks.
 
 
 
  -
  Do you Yahoo!?
  Yahoo! Mail Plus - Powerful. Affordable. Sign up now
 [EMAIL PROTECTED]
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62354t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address [7:62251]

[Priscilla Oppenheimer]

s vermill wrote:
 
 Larry Letterman wrote:
  
  In most cases you will only re-write the source mac address
  when traversing
  across a L3 device. 
 
 I don't think that's so.  

Did you misplace your comment? I think his first comment is correct, but
then a following one is strangely worded. See below.

 A host will have an ARP cache entry
 for its gateway.  That would be the destination MAC.  The
 source MAC would be that of the sending host itself.  Using its
 own ARP cache, the gateway would re-write both the source and
 destination MAC if the destination was, in fact, directly
 attached to (or reachable via) another Ethernet interface. 
 If
 not, and the packet needed to cross some serial WAN link, both
 MACs would simply be stripped off.  Every L3 device strips off
 source and dest. MAC at ingress.  Whether or not a new source
 and dest. MAC is encapsulated around the IP packet depends on
 whether or not the destination is reachable via another
 Ethernet interface.

Or Token Ring, FDDI, LocalTalk. :-)

 
  If you go across a layer 2 network, all
  the mac address's
  would typically be part of the same broadcast domain and not
  need to be changed.
  
  If you go across a T1 or Frame it will still be mapped to or
  have an assigned IP Address
  that constitutes a layer 3 hop and write its mac address in
  the frame.

Here's where he went astray. As I mentioned earlier, a serial interface
doesn't have a MAC address and the data-link-layer protocols used across
serial interfaces don't have MAC addresses in them.

The sentence isn't parsable, (sorry Larry!) but may indicate some additional
misunderstanding.  The fact that the next hop has a Layer 3 address isn't of
major significance when talking about forwarding traffic and the addresses
that end up in the forwarded packet. The IP addresses don't change
end-to-end. MAC addresses on LANs change, hop by hop. WANs don't have MAC
addresses.

Yes, routing protocols exchange next hop info using IP addresses. So, if
we're considering Ethernet, at some point the source router must have found
out the MAC address of the destination router using ARP. The router will put
its own MAC address in the source field and the destination (next hop)
router's MAC address in the destination field.

In the case of a T1 point-to-point link, a MAC address isn't necessary since
it's not a shared medium and there's no need to identify which station
should receive the frame. There is only one other station!

Now, Frame Relay is shared in the cloud. The DLCI would help the L2
switches in the cloud forward the frame correctly. Inverse ARP would help
the router map a L3 next hop address to a DLCI, if I understand it correctly.

Priscilla



  
  However if I am wrong here, Priscilla or Howard or Chuck
  will let me know...:)
  
  Larry Letterman
  Network Engineer
  Cisco Systems
  
  
  - Original Message -
  From: Cisco Newbie 
  To: 
  Sent: Friday, January 31, 2003 11:42 AM
  Subject: RE: MAC Address [7:62251]
  
  
   First, thanks for all that responded.  One clarification
  that I need address
   is the following:
  
   If I cross a L3 router and the outgoing interface is
  something other than
   Ethernet, will the L2 frame show a new MAC address?  In
  other words, if my
   outgoing interface is say T1 PPP or even a dial-up, should
  I be seeing a new
   MAC address?
  
   Is it only when I cross a L3 device AND my outgoing
  interface is a share
   medium like Ethernet that a new MAC address will be placed
  on the frame?
  
   Thanks.
  
  
  
   -
   Do you Yahoo!?
   Yahoo! Mail Plus - Powerful. Affordable. Sign up now
  [EMAIL PROTECTED]
  
  
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62368t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address [7:62251]

[s vermill]

Priscilla Oppenheimer wrote:
 
 s vermill wrote:
  
  Larry Letterman wrote:
   
   In most cases you will only re-write the source mac address
   when traversing
   across a L3 device. 
  
  I don't think that's so.  
 
 Did you misplace your comment? 

No.  I disagree that a source MAC re-write would be all that takes place
when crossing a L3 device.  Host A, sending to an off-subnet Host B, would
use its own MAC as the source and the L3 device interface MAC as the
destination.  The L3 device strips both at ingress.  If, in fact, the
destination is on a directly attached shared medium, the source MAC is
re-writen to that of the egress interface.  The destination MAC is whatever
the L3 device has in the ARP cache for Host B.  Both source and destination
MACs change when crossing a L3 device.  Doesn't it sound like Larry is
saying that the source MAC is all that changes and not the destination MAC? 
Or maybe I just took that wrong?

I think his first comment is
 correct, but then a following one is strangely worded. See below
 
  A host will have an ARP cache entry
  for its gateway.  That would be the destination MAC.  The
  source MAC would be that of the sending host itself.  Using
 its
  own ARP cache, the gateway would re-write both the source and
  destination MAC if the destination was, in fact, directly
  attached to (or reachable via) another Ethernet interface. 
  If
  not, and the packet needed to cross some serial WAN link, both
  MACs would simply be stripped off.  Every L3 device strips off
  source and dest. MAC at ingress.  Whether or not a new source
  and dest. MAC is encapsulated around the IP packet depends on
  whether or not the destination is reachable via another
  Ethernet interface.
 
 Or Token Ring, FDDI, LocalTalk. :-)
 
  
   If you go across a layer 2 network, all
   the mac address's
   would typically be part of the same broadcast domain and not
   need to be changed.
   
   If you go across a T1 or Frame it will still be mapped to or
   have an assigned IP Address
   that constitutes a layer 3 hop and write its mac address in
   the frame.
 
 Here's where he went astray. As I mentioned earlier, a serial
 interface doesn't have a MAC address and the data-link-layer
 protocols used across serial interfaces don't have MAC
 addresses in them.
 
 The sentence isn't parsable, (sorry Larry!) but may indicate
 some additional misunderstanding.  The fact that the next hop
 has a Layer 3 address isn't of major significance when talking
 about forwarding traffic and the addresses that end up in the
 forwarded packet. The IP addresses don't change end-to-end. MAC
 addresses on LANs change, hop by hop. WANs don't have MAC
 addresses.
 
 Yes, routing protocols exchange next hop info using IP
 addresses. So, if we're considering Ethernet, at some point the
 source router must have found out the MAC address of the
 destination router using ARP. The router will put its own MAC
 address in the source field and the destination (next hop)
 router's MAC address in the destination field.
 
 In the case of a T1 point-to-point link, a MAC address isn't
 necessary since it's not a shared medium and there's no need to
 identify which station should receive the frame. There is only
 one other station!
 
 Now, Frame Relay is shared in the cloud. The DLCI would help
 the L2 switches in the cloud forward the frame correctly.
 Inverse ARP would help the router map a L3 next hop address to
 a DLCI, if I understand it correctly.
 
 Priscilla
 
 
 
   
   However if I am wrong here, Priscilla or Howard or Chuck
   will let me know...:)
   
   Larry Letterman
   Network Engineer
   Cisco Systems
   
   
   - Original Message -
   From: Cisco Newbie 
   To: 
   Sent: Friday, January 31, 2003 11:42 AM
   Subject: RE: MAC Address [7:62251]
   
   
First, thanks for all that responded.  One clarification
   that I need address
is the following:
   
If I cross a L3 router and the outgoing interface is
   something other than
Ethernet, will the L2 frame show a new MAC address?  In
   other words, if my
outgoing interface is say T1 PPP or even a dial-up, should
   I be seeing a new
MAC address?
   
Is it only when I cross a L3 device AND my outgoing
   interface is a share
medium like Ethernet that a new MAC address will be placed
   on the frame?
   
Thanks.
   
   
   
-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now
   [EMAIL PROTECTED]
   
   
  
  
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62372t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address [7:62251]

[s vermill]

s vermill wrote:
 
 Priscilla Oppenheimer wrote:
  
  s vermill wrote:
   
   Larry Letterman wrote:

In most cases you will only re-write the source mac
 address
when traversing
across a L3 device. 
   
   I don't think that's so.  
  
  Did you misplace your comment? 
 
 No.  I disagree that a source MAC re-write would be all that
 takes place when crossing a L3 device.  Host A, sending to an
 off-subnet Host B, would use its own MAC as the source and the
 L3 device interface MAC as the destination.  The L3 device
 strips both at ingress.  If, in fact, the destination is on a
 directly attached shared medium, the source MAC is re-writen to
 that of the egress interface.  The destination MAC is whatever
 the L3 device has in the ARP cache for Host B.  Both source and
 destination MACs change when crossing a L3 device.  Doesn't it
 sound like Larry is saying that the source MAC is all that
 changes and not the destination MAC?  Or maybe I just took that
 wrong?

I think that maybe Larry was saying that the only time it would be
*necessary* to change the source MAC is when traversing a L3 device.  He
isn't necessarily saying that only the source MAC would change when crossing
one.  Sorry Larry.  I think that was a mis-read on my part.

 
 I think his first comment is
  correct, but then a following one is strangely worded. See
 below
  
   A host will have an ARP cache entry
   for its gateway.  That would be the destination MAC.  The
   source MAC would be that of the sending host itself.  Using
  its
   own ARP cache, the gateway would re-write both the source
 and
   destination MAC if the destination was, in fact, directly
   attached to (or reachable via) another Ethernet interface. 
   If
   not, and the packet needed to cross some serial WAN link,
 both
   MACs would simply be stripped off.  Every L3 device strips
 off
   source and dest. MAC at ingress.  Whether or not a new
 source
   and dest. MAC is encapsulated around the IP packet depends
 on
   whether or not the destination is reachable via another
   Ethernet interface.
  
  Or Token Ring, FDDI, LocalTalk. :-)
  
   
If you go across a layer 2 network, all
the mac address's
would typically be part of the same broadcast domain and
 not
need to be changed.

If you go across a T1 or Frame it will still be mapped to
 or
have an assigned IP Address
that constitutes a layer 3 hop and write its mac address
 in
the frame.
  
  Here's where he went astray. As I mentioned earlier, a serial
  interface doesn't have a MAC address and the data-link-layer
  protocols used across serial interfaces don't have MAC
  addresses in them.
  
  The sentence isn't parsable, (sorry Larry!) but may indicate
  some additional misunderstanding.  The fact that the next hop
  has a Layer 3 address isn't of major significance when talking
  about forwarding traffic and the addresses that end up in the
  forwarded packet. The IP addresses don't change end-to-end.
 MAC
  addresses on LANs change, hop by hop. WANs don't have MAC
  addresses.
  
  Yes, routing protocols exchange next hop info using IP
  addresses. So, if we're considering Ethernet, at some point
 the
  source router must have found out the MAC address of the
  destination router using ARP. The router will put its own MAC
  address in the source field and the destination (next hop)
  router's MAC address in the destination field.
  
  In the case of a T1 point-to-point link, a MAC address isn't
  necessary since it's not a shared medium and there's no need
 to
  identify which station should receive the frame. There is only
  one other station!
  
  Now, Frame Relay is shared in the cloud. The DLCI would help
  the L2 switches in the cloud forward the frame correctly.
  Inverse ARP would help the router map a L3 next hop address to
  a DLCI, if I understand it correctly.
  
  Priscilla
  
  
  

However if I am wrong here, Priscilla or Howard or Chuck
will let me know...:)

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Cisco Newbie 
To: 
Sent: Friday, January 31, 2003 11:42 AM
Subject: RE: MAC Address [7:62251]


 First, thanks for all that responded.  One clarification
that I need address
 is the following:

 If I cross a L3 router and the outgoing interface is
something other than
 Ethernet, will the L2 frame show a new MAC address?  In
other words, if my
 outgoing interface is say T1 PPP or even a dial-up,
 should
I be seeing a new
 MAC address?

 Is it only when I cross a L3 device AND my outgoing
interface is a share
 medium like Ethernet that a new MAC address will be
 placed
on the frame?

 Thanks.



 -
 Do you Yahoo!?
 Yahoo! Mail Plus - Powerful. Affordable. Sign up now
[EMAIL PROTECTED

Re: MAC Address [7:62251]

[Priscilla Oppenheimer]

s vermill wrote:
 
 s vermill wrote:
  
  Priscilla Oppenheimer wrote:
   
   s vermill wrote:

Larry Letterman wrote:
 
 In most cases you will only re-write the source mac
  address
 when traversing
 across a L3 device. 

I don't think that's so.  
   
   Did you misplace your comment? 
  
  No.  I disagree that a source MAC re-write would be all that
  takes place when crossing a L3 device.  Host A, sending to an
  off-subnet Host B, would use its own MAC as the source and the
  L3 device interface MAC as the destination.  The L3 device
  strips both at ingress.  If, in fact, the destination is on a
  directly attached shared medium, the source MAC is re-writen
 to
  that of the egress interface.  The destination MAC is whatever
  the L3 device has in the ARP cache for Host B.  Both source
 and
  destination MACs change when crossing a L3 device.  Doesn't it
  sound like Larry is saying that the source MAC is all that
  changes and not the destination MAC?  Or maybe I just took
 that
  wrong?
 
 I think that maybe Larry was saying that the only time it would
 be *necessary* to change the source MAC is when traversing a L3
 device.  

That's how I read it. (He was comparing it to a L2 device.) The word only
is an evil word that editors hate. :-)

P.

 He isn't necessarily saying that only the source MAC
 would change when crossing one.  Sorry Larry.  I think that was
 a mis-read on my part.
 
  
  I think his first comment is
   correct, but then a following one is strangely worded. See
  below
   
A host will have an ARP cache entry
for its gateway.  That would be the destination MAC.  The
source MAC would be that of the sending host itself. 
 Using
   its
own ARP cache, the gateway would re-write both the source
  and
destination MAC if the destination was, in fact, directly
attached to (or reachable via) another Ethernet
 interface.
If
not, and the packet needed to cross some serial WAN link,
  both
MACs would simply be stripped off.  Every L3 device strips
  off
source and dest. MAC at ingress.  Whether or not a new
  source
and dest. MAC is encapsulated around the IP packet depends
  on
whether or not the destination is reachable via another
Ethernet interface.
   
   Or Token Ring, FDDI, LocalTalk. :-)
   

 If you go across a layer 2 network, all
 the mac address's
 would typically be part of the same broadcast domain and
  not
 need to be changed.
 
 If you go across a T1 or Frame it will still be mapped
 to
  or
 have an assigned IP Address
 that constitutes a layer 3 hop and write its mac address
  in
 the frame.
   
   Here's where he went astray. As I mentioned earlier, a
 serial
   interface doesn't have a MAC address and the data-link-layer
   protocols used across serial interfaces don't have MAC
   addresses in them.
   
   The sentence isn't parsable, (sorry Larry!) but may indicate
   some additional misunderstanding.  The fact that the next
 hop
   has a Layer 3 address isn't of major significance when
 talking
   about forwarding traffic and the addresses that end up in
 the
   forwarded packet. The IP addresses don't change end-to-end.
  MAC
   addresses on LANs change, hop by hop. WANs don't have MAC
   addresses.
   
   Yes, routing protocols exchange next hop info using IP
   addresses. So, if we're considering Ethernet, at some point
  the
   source router must have found out the MAC address of the
   destination router using ARP. The router will put its own
 MAC
   address in the source field and the destination (next hop)
   router's MAC address in the destination field.
   
   In the case of a T1 point-to-point link, a MAC address isn't
   necessary since it's not a shared medium and there's no need
  to
   identify which station should receive the frame. There is
 only
   one other station!
   
   Now, Frame Relay is shared in the cloud. The DLCI would
 help
   the L2 switches in the cloud forward the frame correctly.
   Inverse ARP would help the router map a L3 next hop address
 to
   a DLCI, if I understand it correctly.
   
   Priscilla
   
   
   
 
 However if I am wrong here, Priscilla or Howard or Chuck
 will let me know...:)
 
 Larry Letterman
 Network Engineer
 Cisco Systems
 
 
 - Original Message -
 From: Cisco Newbie 
 To: 
 Sent: Friday, January 31, 2003 11:42 AM
 Subject: RE: MAC Address [7:62251]
 
 
  First, thanks for all that responded.  One
 clarification
 that I need address
  is the following:
 
  If I cross a L3 router and the outgoing interface is
 something other than
  Ethernet, will the L2 frame show a new MAC address? 
 In
 other words, if my
  outgoing interface is say T1 PPP or even a dial-up,
  should
 I be seeing a new
  MAC address?
 
  Is it only when I cross a L3 device AND my outgoing

Re: MAC Address [7:62251]

[Larry Letterman]

Sorry for the confusion. My indication to the original post
was meant to say that the source mac address will change
from hop to hop...and the destination mac address, the
source and dest. ip address's should remain the
same. As Scott says,the routers may change more than the mac
address's when the packet is re-wrote, but I didn't think
that level of detail was asked in the question

My answer about wan issues was incorrect as Priscilla
pointed out...which obviously points out my lack of day to
day knowledge on the wan side.

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Priscilla Oppenheimer 
To: 
Sent: Monday, February 03, 2003 12:45 PM
Subject: Re: MAC Address [7:62251]


 s vermill wrote:
 
  s vermill wrote:
  
   Priscilla Oppenheimer wrote:
   
s vermill wrote:

 Larry Letterman wrote:
 
  In most cases you will only re-write the source
mac
   address
  when traversing
  across a L3 device.

 I don't think that's so.
   
Did you misplace your comment?
  
   No.  I disagree that a source MAC re-write would be
all that
   takes place when crossing a L3 device.  Host A,
sending to an
   off-subnet Host B, would use its own MAC as the source
and the
   L3 device interface MAC as the destination.  The L3
device
   strips both at ingress.  If, in fact, the destination
is on a
   directly attached shared medium, the source MAC is
re-writen
  to
   that of the egress interface.  The destination MAC is
whatever
   the L3 device has in the ARP cache for Host B.  Both
source
  and
   destination MACs change when crossing a L3 device.
Doesn't it
   sound like Larry is saying that the source MAC is all
that
   changes and not the destination MAC?  Or maybe I just
took
  that
   wrong?
 
  I think that maybe Larry was saying that the only time
it would
  be *necessary* to change the source MAC is when
traversing a L3
  device.

 That's how I read it. (He was comparing it to a L2
device.) The word only
 is an evil word that editors hate. :-)

 P.

  He isn't necessarily saying that only the source MAC
  would change when crossing one.  Sorry Larry.  I think
that was
  a mis-read on my part.
 
  
   I think his first comment is
correct, but then a following one is strangely
worded. See
   below
   
 A host will have an ARP cache entry
 for its gateway.  That would be the destination
MAC.  The
 source MAC would be that of the sending host
itself.
  Using
its
 own ARP cache, the gateway would re-write both the
source
   and
 destination MAC if the destination was, in fact,
directly
 attached to (or reachable via) another Ethernet
  interface.
 If
 not, and the packet needed to cross some serial
WAN link,
   both
 MACs would simply be stripped off.  Every L3
device strips
   off
 source and dest. MAC at ingress.  Whether or not a
new
   source
 and dest. MAC is encapsulated around the IP packet
depends
   on
 whether or not the destination is reachable via
another
 Ethernet interface.
   
Or Token Ring, FDDI, LocalTalk. :-)
   

  If you go across a layer 2 network, all
  the mac address's
  would typically be part of the same broadcast
domain and
   not
  need to be changed.
 
  If you go across a T1 or Frame it will still be
mapped
  to
   or
  have an assigned IP Address
  that constitutes a layer 3 hop and write its mac
address
   in
  the frame.
   
Here's where he went astray. As I mentioned earlier,
a
  serial
interface doesn't have a MAC address and the
data-link-layer
protocols used across serial interfaces don't have
MAC
addresses in them.
   
The sentence isn't parsable, (sorry Larry!) but may
indicate
some additional misunderstanding.  The fact that the
next
  hop
has a Layer 3 address isn't of major significance
when
  talking
about forwarding traffic and the addresses that end
up in
  the
forwarded packet. The IP addresses don't change
end-to-end.
   MAC
addresses on LANs change, hop by hop. WANs don't
have MAC
addresses.
   
Yes, routing protocols exchange next hop info using
IP
addresses. So, if we're considering Ethernet, at
some point
   the
source router must have found out the MAC address of
the
destination router using ARP. The router will put
its own
  MAC
address in the source field and the destination
(next hop)
router's MAC address in the destination field.
   
In the case of a T1 point-to-point link, a MAC
address isn't
necessary since it's not a shared medium and there's
no need
   to
identify which station should receive the frame.
There is
  only
one other station!
   
Now, Frame Relay is shared in the cloud. The DLCI
would
  help
the L2 switches in the cloud forward the frame
correctly.
Inverse ARP would help the router map a L3 next hop
address
  to
a DLCI, if I understand it correctly.
   
Priscilla

Re: MAC Address [7:62251]

[Larry Letterman]

In most cases you will only re-write the source mac address
when traversing
across a L3 device. If you go across a layer 2 network, all
the mac address's
would typically be part of the same broadcast domain and not
need to be changed.

If you go across a T1 or Frame it will still be mapped to or
have an assigned IP Address
that constitutes a layer 3 hop and write its mac address in
the frame.

However if I am wrong here, Priscilla or Howard or Chuck
will let me know...:)

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Cisco Newbie 
To: 
Sent: Friday, January 31, 2003 11:42 AM
Subject: RE: MAC Address [7:62251]


 First, thanks for all that responded.  One clarification
that I need address
 is the following:

 If I cross a L3 router and the outgoing interface is
something other than
 Ethernet, will the L2 frame show a new MAC address?  In
other words, if my
 outgoing interface is say T1 PPP or even a dial-up, should
I be seeing a new
 MAC address?

 Is it only when I cross a L3 device AND my outgoing
interface is a share
 medium like Ethernet that a new MAC address will be placed
on the frame?

 Thanks.



 -
 Do you Yahoo!?
 Yahoo! Mail Plus - Powerful. Affordable. Sign up now
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62306t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address [7:62251]

[Priscilla Oppenheimer]

Larry Letterman wrote:
 
 In most cases you will only re-write the source mac address
 when traversing
 across a L3 device. If you go across a layer 2 network, all
 the mac address's
 would typically be part of the same broadcast domain and not
 need to be changed.
 
 If you go across a T1 or Frame it will still be mapped to or
 have an assigned IP Address
 that constitutes a layer 3 hop and write its mac address in
 the frame.

A serial interface doesn't have a MAC address and the protocols used across
a serial link don't have MAC addresses in their headers.

If I misunderstood your point, just let me know. I'm sure you will! :-)

Prisiclla

 
 However if I am wrong here, Priscilla or Howard or Chuck
 will let me know...:)
 
 Larry Letterman
 Network Engineer
 Cisco Systems
 
 
 - Original Message -
 From: Cisco Newbie 
 To: 
 Sent: Friday, January 31, 2003 11:42 AM
 Subject: RE: MAC Address [7:62251]
 
 
  First, thanks for all that responded.  One clarification
 that I need address
  is the following:
 
  If I cross a L3 router and the outgoing interface is
 something other than
  Ethernet, will the L2 frame show a new MAC address?  In
 other words, if my
  outgoing interface is say T1 PPP or even a dial-up, should
 I be seeing a new
  MAC address?
 
  Is it only when I cross a L3 device AND my outgoing
 interface is a share
  medium like Ethernet that a new MAC address will be placed
 on the frame?
 
  Thanks.
 
 
 
  -
  Do you Yahoo!?
  Yahoo! Mail Plus - Powerful. Affordable. Sign up now
 [EMAIL PROTECTED]
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62318t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC Address [7:62251]

[Cisco Newbie]

I have a question that has been bothering me.  If a packet traverses a 

L3 devices, does the sorce MAC changes?  When does/doesn't the source MAC
address changes?

thanks.



-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62251t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address [7:62251]

[s vermill]

Cisco Newbie wrote:
 
 I have a question that has been bothering me.  If a packet
 traverses a
 
 L3 devices, does the sorce MAC changes?  When does/doesn't the
 source MAC address changes?
 
 thanks.
 
 
 
 -
 Do you Yahoo!?
 Yahoo! Mail Plus - Powerful. Affordable. Sign up now
 
 

The source MAC changes everytime the IP packet moves through a L3 device. 
Even in Multilayer Switching (MLS), where an Ethernet switch moves the
packet across L3 boundaries on behalf of the router, it re-writes the source
MAC to that of the router so it looks as if it traversed the router.  A L2
network is entirely self-contained.  There is no significance of a MAC from
on L2 network to another.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62264t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address [7:62251]

[Priscilla Oppenheimer]

s vermill wrote:
 
 Cisco Newbie wrote:
  
  I have a question that has been bothering me.  If a packet
  traverses a
  
  L3 devices, does the sorce MAC changes?  When does/doesn't the
  source MAC address changes?
  
  thanks.
  
  
  
  -
  Do you Yahoo!?
  Yahoo! Mail Plus - Powerful. Affordable. Sign up now
  
  
 
 The source MAC changes everytime the IP packet moves through a
 L3 device.  

Yes, and that's also true for an AppleTalk, IPX, DECnet, Banyan packet, for
what it's worth. Not a whole lot, I suppose, although it may help one
understand a router's behavior.

A router takes in a frame on an input interface, decapsulates it from the L2
header, figures out the output interface, and deals with the relevant L2
issues for the type of L2 protocol on the output interface, including
puttting on a new L2 header.

For example, if the output interface is Ethernet, the router does CSMA and
makes sure the frame is transmitted without encountering a (legal)
collision. If it were Token Ring or FDDI, the router would make the output
interface could get a token and attach the frame. If it's Frame Relay, it
doesn't have to do much, since that's not a shared medium. The router would
not, however, in most cases, monitor whether the frame arrived intact. With
most L2 protocols, it has no way of knowing that.

Priscilla

Even in Multilayer Switching (MLS), where an
 Ethernet switch moves the packet across L3 boundaries on behalf
 of the router, it re-writes the source MAC to that of the
 router so it looks as if it traversed the router.  A L2 network
 is entirely self-contained.  There is no significance of a MAC
 from on L2 network to another.
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62271t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC ADDRESS TO IP ADDRESS [7:62272]

[raj]

hi there.
I have a mac address on my network and need a tool to enter the mac address
in and get the ip address from it.

any tool or any windows command line function or even any cisco
router/switch function has that capability?

thank you.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62272t=62272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC ADDRESS TO IP ADDRESS [7:62272]

[s vermill]

raj wrote:
 
 hi there.
 I have a mac address on my network and need a tool to enter the
 mac address
 in and get the ip address from it.
 
 any tool or any windows command line function or even any cisco
 router/switch function has that capability?
 
 thank you.
 
 

You can do a 'sh apr' on a router or something and look it up.  But IPs
aren't embedded in MACs (except the special case of multicast, but even then
you couldn't recover the entire IP because only 23 bits of the IP are
embedded).  You can also use a sniffer!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62274t=62272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address [7:62251]

[Cisco Newbie]

First, thanks for all that responded.  One clarification that I need address
is the following:

If I cross a L3 router and the outgoing interface is something other than
Ethernet, will the L2 frame show a new MAC address?  In other words, if my
outgoing interface is say T1 PPP or even a dial-up, should I be seeing a new
MAC address?

Is it only when I cross a L3 device AND my outgoing interface is a share
medium like Ethernet that a new MAC address will be placed on the frame?

Thanks.



-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62275t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC ADDRESS TO IP ADDRESS [7:62272]

[MADMAN]

How about this, nothin fancy but it's effective:)

C3640A#sh arp | incl 00d0.064a.d400
Internet  172.28.64.1 0   00d0.064a.d400  ARPA   Ethernet1/0
C3640A#

   Dave

raj wrote:
 hi there.
 I have a mac address on my network and need a tool to enter the mac address
 in and get the ip address from it.
 
 any tool or any windows command line function or even any cisco
 router/switch function has that capability?
 
 thank you.
-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

You don't make the poor richer by making the rich poorer. --Winston
Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62276t=62272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC ADDRESS TO IP ADDRESS [7:62272]

[Waters, Kristina]

Raj,

There's a free utility available called Kiwi's cattools. It has an option
available to build a 'master arp table file' from the cisco devices you
setup in the program, which you can then view in excel. The file will
contain the MAC and the IP and you can search on either. If you haven't used
the program before it might take you a bit to set it up depending on how
many devices you have, but it's pretty handy. I just used it to
automatically change an entry on some dial peer groups on about 15 routers,
much easier than logging in and doing it manually.

Kris.


-Original Message-
From: raj [mailto:[EMAIL PROTECTED]] 
Sent: Friday, January 31, 2003 2:10 PM
To: [EMAIL PROTECTED]
Subject: MAC ADDRESS TO IP ADDRESS [7:62272]


hi there.
I have a mac address on my network and need a tool to enter the mac address
in and get the ip address from it.

any tool or any windows command line function or even any cisco
router/switch function has that capability?

thank you.
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender by email, delete and destroy this message and its 
attachments.
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62279t=62272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address [7:62251]

[s vermill]

Cisco Newbie wrote:
 
 First, thanks for all that responded.  One clarification that I
 need address is the following:
 
 If I cross a L3 router and the outgoing interface is something
 other than Ethernet, will the L2 frame show a new MAC address? 
 In other words, if my outgoing interface is say T1 PPP or even
 a dial-up, should I be seeing a new MAC address?
 
 Is it only when I cross a L3 device AND my outgoing interface
 is a share medium like Ethernet that a new MAC address will be
 placed on the frame?
 
 Thanks.
 
 
 
 -
 Do you Yahoo!?
 Yahoo! Mail Plus - Powerful. Affordable. Sign up now
 
 

Yep.  If the IP packet is destined for a non-Ethernet WAN interface, the
appropriate L2 header is encapsulated around it.  In the case of T1 PPP, an
HDLC-like header is used.  There no longer is any source or destination
MAC address to be found.  They are both stripped off at the ingress Ethernet
interface of the router.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62280t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address [7:62251]

[Priscilla Oppenheimer]

Cisco Newbie wrote:
 
 First, thanks for all that responded.  One clarification that I
 need address is the following:
 
 If I cross a L3 router and the outgoing interface is something
 other than Ethernet, will the L2 frame show a new MAC address? 
 In other words, if my outgoing interface is say T1 PPP or even
 a dial-up, should I be seeing a new MAC address?

Well, the old MAC address is definitely gone. It was stripped off on ingress.

T1 PPP and dial-up don't use MAC addresses, so there won't be a new one as
the packet traversse that link. But the packet will end up on a router or
access server at the other end probably, which will output the packet to
Ethernet or some other LAN probably and put in new MAC addresses.

Priscilla

 
 Is it only when I cross a L3 device AND my outgoing interface
 is a share medium like Ethernet that a new MAC address will be
 placed on the frame?
 
 Thanks.
 
 
 
 -
 Do you Yahoo!?
 Yahoo! Mail Plus - Powerful. Affordable. Sign up now
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62286t=62251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Finding out of MAC address in Multilayer switch [7:61554]

[Han Chuan Alex Ang]

hi, I am trying to find out the MAC Address of certian IP in a multilayer
switch , it seem that the only way is to go to that Valn and do a sniffing
to discover , any other quick way from the console or from Cisco Work 2000,
please advice , thanks


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61554t=61554
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Finding out of MAC address in Multilayer switch [7:61554]

[Larry Letterman]

If the switch is running ios and routing, then issue the
following:
# show ip arp x.x.x.x(ip address)
the router will show you the mac address...


Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Han Chuan Alex Ang 
To: 
Sent: Wednesday, January 22, 2003 2:39 AM
Subject: Finding out of MAC address in Multilayer switch
[7:61554]


 hi, I am trying to find out the MAC Address of certian IP
in a multilayer
 switch , it seem that the only way is to go to that Valn
and do a sniffing
 to discover , any other quick way from the console or from
Cisco Work 2000,
 please advice , thanks
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61586t=61554
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Port Security on 3550 based on given MAC-Address and [7:58326]

[Steven A. Ridder]

Don't worry about the IP address.  The command you had was correct.  Why do
you ask?


--

RFC 1149 Compliant.



MK  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 How can I configure PortSecurity based on MAc-Address and
 IP-Address. I only know about switchport port-security mac-address
 but there must be a way to manage this in conjunction with an IP
 Static ARp entry 





 Thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58326t=58326
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

AW: Port Security on 3550 based on given MAC-Address and [7:58329]

[MK]

Because there must be a way, and I was asked about it in our
Company. I know there is some secret behind !

-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Im Auftrag von
Steven A. Ridder
Gesendet: Samstag, 30. November 2002 13:42
An: [EMAIL PROTECTED]
Betreff: Re: Port Security on 3550 based on given MAC-Address and
[7:58326]

Don't worry about the IP address.  The command you had was correct.  Why
do
you ask?


--

RFC 1149 Compliant.



MK  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 How can I configure PortSecurity based on MAc-Address and
 IP-Address. I only know about switchport port-security
mac-address
 but there must be a way to manage this in conjunction with an IP
 Static ARp entry 





 Thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58329t=58329
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Port Security on 3550 based on given MAC-Address and [7:58332]

[Steven A. Ridder]

No, just do the mac address.  That's what they're looking for.  Then limit
it to 1, because the default is 150.

On another note, what does the AW in the subject line (RE: in English)stand
for in German?  I used to live in y and I can't think of the word...



MK  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Because there must be a way, and I was asked about it in our
 Company. I know there is some secret behind !

 -Urspr|ngliche Nachricht-
 Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Im Auftrag von
 Steven A. Ridder
 Gesendet: Samstag, 30. November 2002 13:42
 An: [EMAIL PROTECTED]
 Betreff: Re: Port Security on 3550 based on given MAC-Address and
 [7:58326]

 Don't worry about the IP address.  The command you had was correct.  Why
 do
 you ask?


 --

 RFC 1149 Compliant.



 MK  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  How can I configure PortSecurity based on MAc-Address and
  IP-Address. I only know about switchport port-security
 mac-address
  but there must be a way to manage this in conjunction with an IP
  Static ARp entry 
 
 
 
 
 
  Thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58332t=58332
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Port Security on 3550 based on given MAC-Address and [7:58331]

[Steven A. Ridder]

MK  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Because there must be a way, and I was asked about it in our
 Company. I know there is some secret behind !

 -Urspr|ngliche Nachricht-
 Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Im Auftrag von
 Steven A. Ridder
 Gesendet: Samstag, 30. November 2002 13:42
 An: [EMAIL PROTECTED]
 Betreff: Re: Port Security on 3550 based on given MAC-Address and
 [7:58326]

 Don't worry about the IP address.  The command you had was correct.  Why
 do
 you ask?


 --

 RFC 1149 Compliant.



 MK  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  How can I configure PortSecurity based on MAc-Address and
  IP-Address. I only know about switchport port-security
 mac-address
  but there must be a way to manage this in conjunction with an IP
  Static ARp entry 
 
 
 
 
 
  Thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58331t=58331
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

AW: Port Security on 3550 based on given MAC-Address and [7:58339]

[MK]

I see only a limit within the hole system and that is 128. If I
configure switchport port-security maximum 1 It does'nt show up in the
config so it is default.  Am I right ??

 

regards




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58339t=58339
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Port Security on 3550 based on given MAC-Address and IP-Address [7:58298]

[MK]

How can I configure PortSecurity based on MAc-Address and
IP-Address. I only know about switchport port-security mac-address
but there must be a way to manage this in conjunction with an IP
Static ARp entry 

 

 

Thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58298t=58298
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Possible to Filter on Destination MAC-Address on a Router? [7:57312]

[Bucher Lars]

I'm trying to configure an input-access-list on 7204 Routers (IOS 12.2(10)),
which should filter on the destination (!) MAC-address but can't get it
work. Is this even possible?

The router should ignore all traffic with a destination-MAC (multicast) of
0100.5e7c.0006 and accept all other traffic. In my setup, this address is
used with Firewalls in a Stonebeat cluster.

Without filter my routers, by mistake, listen to this traffic, replicate it
and send it out again which causes multicast-storms.

I've read that this is quite a common behaviour observed with Cisco-Routers
that run HSRP. By mistake some Routers (depending on what?) sometimes listen
to all Layer2 Multicast-Traffic instead to just the HSRP-Multicasts.

Unfortunately, I can't configure any filters on the switch, which led me to
the idea to apply a filter on the routers.

It's no problem to configure an extended MAC Access-list (access-list
). But I struggle with applying it to the interface.
The 'bridge-group  input-address-list ' just allows standard MAC
Access-Lists, which would filter the source-address only.

So I tried the follwoing approach (CAR):

access-list 1100 permit .. .. 0100.5e7c.0006
..
access-list 101 permit ip any any

interface fastethernet0/0
rate-limit input access-group 1100 1 10 10 conform-action
drop exceed-action drop
rate-limit input access-group 101 1 10 10 conform-action
transmit exceed-action transmit

In the lab the router accepted the commands, but now it blocks all traffic
instead just the specified destination mac-address.

Any suggestions? Thanks in advance.

Lars Bucher




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57312t=57312
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Possible to Filter on Destination MAC-Address on a [7:57312]

[Priscilla Oppenheimer]

Bucher Lars wrote:
 
 I'm trying to configure an input-access-list on 7204 Routers
 (IOS 12.2(10)),
 which should filter on the destination (!) MAC-address but
 can't get it
 work. Is this even possible?
 
 The router should ignore all traffic with a destination-MAC
 (multicast) of
 0100.5e7c.0006 and accept all other traffic. In my setup, this
 address is
 used with Firewalls in a Stonebeat cluster.
 
 Without filter my routers, by mistake, listen to this traffic,
 replicate it
 and send it out again which causes multicast-storms.

Wouldn't it be better to figure out why the router is doing this? Normally,
a router doesn't replicate multicast traffic and send it out again. Why is
it doing this? Can you send us your config??

Priscilla

 
 I've read that this is quite a common behaviour observed with
 Cisco-Routers
 that run HSRP. By mistake some Routers (depending on what?)
 sometimes listen
 to all Layer2 Multicast-Traffic instead to just the
 HSRP-Multicasts.
 
 Unfortunately, I can't configure any filters on the switch,
 which led me to
 the idea to apply a filter on the routers.
 
 It's no problem to configure an extended MAC Access-list
 (access-list
 ). But I struggle with applying it to the interface.
 The 'bridge-group  input-address-list ' just allows
 standard MAC
 Access-Lists, which would filter the source-address only.
 
 So I tried the follwoing approach (CAR):
 
 access-list 1100 permit .. ..
 0100.5e7c.0006
 ..
 access-list 101 permit ip any any
 
 interface fastethernet0/0
 rate-limit input access-group 1100 1 10 10
 conform-action
 drop exceed-action drop
 rate-limit input access-group 101 1 10 10
 conform-action
 transmit exceed-action transmit
 
 In the lab the router accepted the commands, but now it blocks
 all traffic
 instead just the specified destination mac-address.
 
 Any suggestions? Thanks in advance.
 
 Lars Bucher
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57314t=57312
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Possible to Filter on Destination MAC-Address on a [7:57320]

[Bucher Lars]

Hi Priscilla

Unfortunately, I'm not in the Office right now. So I've just got the
following information at the moment:

IOS (tm) 7200 Software (C7200-IS-M), Version 12.2(10a), RELEASE SOFTWARE
(fc1)
cisco 7204VXR (NPE400) processor (revision A) with 114688K/16384K bytes of
memory

interface FastEthernet0/0
 ip address 10.241.207.197 255.255.255.240
 no ip redirects
 no ip proxy-arp
 duplex full
 speed 100
 ntp disable
 standby 1 ip 10.241.207.196
 standby 1 preempt
 standby 1 track ATM2/0.2010

arp 10.241.207.193 0100.5e7c.0006 ARPA

Otherwise, there's no special configuration.

The static arp entry is needed for the stonebeat solution. As you see, it's
just at Layer2 a multicast. At Layer 3 there's just Unicast. I know it
sounds silly, but that's the way stonebeat implements its cluster solution.

The interesting thing is, that in the LAN I have two other 7200 Routers with
the same config but with NPE 300 Processor board and IOS 12.2(4).
Those 2 Routers don't replicate the traffic.

The same behaviour has been reported by others as well. If you do a search
for 'stonebeat' or 'multicast storm' on Cisco's 'Networking Professionals
Connection' you can find those. It seems to be a general problem with some
Cisco routers, not a Configuration Problem. That's why I was looking for a
'filter-solution.

Regards
Lars Bucher

Priscilla Oppenheimer  schrieb im Newsbeitrag
news:200211121958.TAA22356;groupstudy.com...
 Bucher Lars wrote:
 
  I'm trying to configure an input-access-list on 7204 Routers
  (IOS 12.2(10)),
  which should filter on the destination (!) MAC-address but
  can't get it
  work. Is this even possible?
 
  The router should ignore all traffic with a destination-MAC
  (multicast) of
  0100.5e7c.0006 and accept all other traffic. In my setup, this
  address is
  used with Firewalls in a Stonebeat cluster.
 
  Without filter my routers, by mistake, listen to this traffic,
  replicate it
  and send it out again which causes multicast-storms.

 Wouldn't it be better to figure out why the router is doing this?
Normally,
 a router doesn't replicate multicast traffic and send it out again. Why is
 it doing this? Can you send us your config??

 Priscilla

 
  I've read that this is quite a common behaviour observed with
  Cisco-Routers
  that run HSRP. By mistake some Routers (depending on what?)
  sometimes listen
  to all Layer2 Multicast-Traffic instead to just the
  HSRP-Multicasts.
 
  Unfortunately, I can't configure any filters on the switch,
  which led me to
  the idea to apply a filter on the routers.
 
  It's no problem to configure an extended MAC Access-list
  (access-list
  ). But I struggle with applying it to the interface.
  The 'bridge-group  input-address-list ' just allows
  standard MAC
  Access-Lists, which would filter the source-address only.
 
  So I tried the follwoing approach (CAR):
 
  access-list 1100 permit .. ..
  0100.5e7c.0006
  ..
  access-list 101 permit ip any any
 
  interface fastethernet0/0
  rate-limit input access-group 1100 1 10 10
  conform-action
  drop exceed-action drop
  rate-limit input access-group 101 1 10 10
  conform-action
  transmit exceed-action transmit
 
  In the lab the router accepted the commands, but now it blocks
  all traffic
  instead just the specified destination mac-address.
 
  Any suggestions? Thanks in advance.
 
  Lars Bucher




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57320t=57320
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Possible to Filter on Destination MAC-Address on a [7:57321]

[Logan, Harold]

You'll have to pardon a moment of nostalgia, but the first question I ever
asked on groupstudy was about applying a MAC filter to a router. (sniff sniff)

To apply a MAC ACL to an interface, you have to set it up to bridge, and
since you're routing you need to run IRB. Not that it was meant for such a
purpose, but I've had much better results using CAR on a router to filter by
MAC address rather than applying an access list. It's much simpler to just
use the rate-limit command, imo.

It sounds like the router is behaving normally for a router that has
multicast members located on an interface. If the switches are causing a
broadcast storm, that's a separate issue that should be addressed; the
default behavior of most switches is to flood multicasts out all ports. To
control that you need to enable either CGMP or IGMP snooping on the
appropriate switch ports.

hth,
Hal

 -Original Message-
 From: Priscilla Oppenheimer [mailto:nobody;groupstudy.com]
 Sent: Tuesday, November 12, 2002 2:59 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Possible to Filter on Destination MAC-Address on a
 [7:57312]
 
 
 Bucher Lars wrote:
  
  I'm trying to configure an input-access-list on 7204 Routers
  (IOS 12.2(10)),
  which should filter on the destination (!) MAC-address but
  can't get it
  work. Is this even possible?
  
  The router should ignore all traffic with a destination-MAC
  (multicast) of
  0100.5e7c.0006 and accept all other traffic. In my setup, this
  address is
  used with Firewalls in a Stonebeat cluster.
  
  Without filter my routers, by mistake, listen to this traffic,
  replicate it
  and send it out again which causes multicast-storms.
 
 Wouldn't it be better to figure out why the router is doing 
 this? Normally,
 a router doesn't replicate multicast traffic and send it out 
 again. Why is
 it doing this? Can you send us your config??
 
 Priscilla
 
  
  I've read that this is quite a common behaviour observed with
  Cisco-Routers
  that run HSRP. By mistake some Routers (depending on what?)
  sometimes listen
  to all Layer2 Multicast-Traffic instead to just the
  HSRP-Multicasts.
  
  Unfortunately, I can't configure any filters on the switch,
  which led me to
  the idea to apply a filter on the routers.
  
  It's no problem to configure an extended MAC Access-list
  (access-list
  ). But I struggle with applying it to the interface.
  The 'bridge-group  input-address-list ' just allows
  standard MAC
  Access-Lists, which would filter the source-address only.
  
  So I tried the follwoing approach (CAR):
  
  access-list 1100 permit .. ..
  0100.5e7c.0006
  ..
  access-list 101 permit ip any any
  
  interface fastethernet0/0
  rate-limit input access-group 1100 1 10 10
  conform-action
  drop exceed-action drop
  rate-limit input access-group 101 1 10 10
  conform-action
  transmit exceed-action transmit
  
  In the lab the router accepted the commands, but now it blocks
  all traffic
  instead just the specified destination mac-address.
  
  Any suggestions? Thanks in advance.
  
  Lars Bucher




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57321t=57321
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Possible to Filter on Destination MAC-Address [7:57320]

[Priscilla Oppenheimer]

Bucher Lars wrote:
 
 Hi Priscilla
 
 Unfortunately, I'm not in the Office right now. So I've just
 got the
 following information at the moment:
 
 IOS (tm) 7200 Software (C7200-IS-M), Version 12.2(10a), RELEASE
 SOFTWARE
 (fc1)
 cisco 7204VXR (NPE400) processor (revision A) with
 114688K/16384K bytes of
 memory
 
 interface FastEthernet0/0
  ip address 10.241.207.197 255.255.255.240
  no ip redirects
  no ip proxy-arp
  duplex full
  speed 100
  ntp disable
  standby 1 ip 10.241.207.196
  standby 1 preempt
  standby 1 track ATM2/0.2010
 
 arp 10.241.207.193 0100.5e7c.0006 ARPA
 
 Otherwise, there's no special configuration.
 
 The static arp entry is needed for the stonebeat solution. 

Yes, I've heard of this kludge. ;-)

 As
 you see, it's
 just at Layer2 a multicast. At Layer 3 there's just Unicast. 

Are you sure these aren't Layer 3 mutlicasts also? It's in the range of
multicast addresses reserved by IP Multicast. Regardless I stick to my
comment that a normal router wouldn't forward these. It would have to be
running ICMP and an IP multicast routing protocol. Of course, that's sort of
normal too, but not default behavior.

 I
 know it
 sounds silly, but that's the way stonebeat implements its
 cluster solution.
 
 The interesting thing is, that in the LAN I have two other 7200
 Routers with
 the same config but with NPE 300 Processor board and IOS
 12.2(4).
 Those 2 Routers don't replicate the traffic.

That's good. It confirms my belief that the behavior of the other router is
odd.

 
 The same behaviour has been reported by others as well. If you
 do a search
 for 'stonebeat' or 'multicast storm' on Cisco's 'Networking
 Professionals
 Connection' you can find those. It seems to be a general
 problem with some
 Cisco routers, not a Configuration Problem. That's why I was
 looking for a
 'filter-solution.

Did the other person's response solve the problem for you? The one that
talked abou IRB.

Also, didn't we discuss this just a few days ago? Someone sent a URL that
discussed something similar. Let's see if I can find the URL again

Oh, I found it. It has to do with routers not sending multicast when they
should! But it might have some hints for you. It's here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;223136

Wish I had more targetted advice for you! Anyone else want to help?

Good luck. Keep us posted on what you figure out. Thanks.

Priscilla

 
 Regards
 Lars Bucher
 
 Priscilla Oppenheimer  schrieb im
 Newsbeitrag
 news:200211121958.TAA22356;groupstudy.com...
  Bucher Lars wrote:
  
   I'm trying to configure an input-access-list on 7204 Routers
   (IOS 12.2(10)),
   which should filter on the destination (!) MAC-address but
   can't get it
   work. Is this even possible?
  
   The router should ignore all traffic with a destination-MAC
   (multicast) of
   0100.5e7c.0006 and accept all other traffic. In my setup,
 this
   address is
   used with Firewalls in a Stonebeat cluster.
  
   Without filter my routers, by mistake, listen to this
 traffic,
   replicate it
   and send it out again which causes multicast-storms.
 
  Wouldn't it be better to figure out why the router is doing
 this?
 Normally,
  a router doesn't replicate multicast traffic and send it out
 again. Why is
  it doing this? Can you send us your config??
 
  Priscilla
 
  
   I've read that this is quite a common behaviour observed
 with
   Cisco-Routers
   that run HSRP. By mistake some Routers (depending on what?)
   sometimes listen
   to all Layer2 Multicast-Traffic instead to just the
   HSRP-Multicasts.
  
   Unfortunately, I can't configure any filters on the switch,
   which led me to
   the idea to apply a filter on the routers.
  
   It's no problem to configure an extended MAC Access-list
   (access-list
   ). But I struggle with applying it to the interface.
   The 'bridge-group  input-address-list ' just allows
   standard MAC
   Access-Lists, which would filter the source-address only.
  
   So I tried the follwoing approach (CAR):
  
   access-list 1100 permit .. ..
   0100.5e7c.0006
   ..
   access-list 101 permit ip any any
  
   interface fastethernet0/0
   rate-limit input access-group 1100 1 10 10
   conform-action
   drop exceed-action drop
   rate-limit input access-group 101 1 10 10
   conform-action
   transmit exceed-action transmit
  
   In the lab the router accepted the commands, but now it
 blocks
   all traffic
   instead just the specified destination mac-address.
  
   Any suggestions? Thanks in advance.
  
   Lars Bucher
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57332t=57320
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

mac address [7:49076]

[MADMAN]

Does anyone know if/how you can change to mac addresses of VLAN
interfaces on a MSFC2?  I tried using the mac-address x.x.x command
but it changed the mac address on all the interfaces.   I want to have a
unique mac on each VLAN interface.

  Thanks in advance

  Dave

--
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications Inc.
612-664-3367
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49076t=49076
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Broadcast Mac Address ? [7:48694]

[Priscilla Oppenheimer]

Brunner Joseph wrote:
 
 03-bf-ac-10-32-1d
 
 What makes this mac address broadcast (at layer 2) ? Its used
 by MS TERM SERVER.

It's a Layer 2 multicast address. The first bit transmitted, which on Little
Endian Ethernet is the least significant bit of the first byte, is one. The
first byte is 0011. That makes it a multicast. (A broadcast would be all
ones in all six bytes.)

 
 I searched on google before posting here, but all I could find
 out was some common ranges of broadcast mac addresses, and the
 vendor code for the first part of this mac.

I couldn't find the vendor code. The vendor code would be 02-BF-AC, which I
couldn't find in any of the lists I looked at, for some reason.

 
 I was looking for a pattern or a formula I could use to deduce
 mac's
 like this on my network in the future.

You may have done about as much as you can do. Somehow you figured out that
it's Microsoft and you determined that it's a broadcast (multicast,
actually). You could also study the packets or do some research on this
particular application.

The only patterns or forumulas are the ones I mentioned above, such as the
first bit being a one in multicasts and broadcasts. Here's what I like to
say about such things: The Internet has fallen prey to entropy (the
degradation of the matter and energy in the universe to an ultimate state of
inert uniformity). ;-)

Priscilla





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48706t=48694
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Broadcast Mac Address ? [7:48694]

[Brunner Joseph]

03-bf-ac-10-32-1d

What makes this mac address broadcast (at layer 2) ? Its used by MS TERM
SERVER.

I searched on google before posting here, but all I could find
out was some common ranges of broadcast mac addresses, and the
vendor code for the first part of this mac.

I was looking for a pattern or a formula I could use to deduce mac's
like this on my network in the future.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48694t=48694
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC address in router ARP table [7:48377]

[Carl Timm]

Are you practicing in the lab? If so, just reboot the router. If not, let me
know.

Carl


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48380t=48377
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC address in router ARP table [7:48377]

[LIM Chin Chye]

Is rebooting the only solution? I am thinking of any other possible
method...  

-Original Message-
From: Carl Timm
To: [EMAIL PROTECTED]
Sent: 09/07/2002 2:13 PM
Subject: RE: MAC address in router ARP table [7:48377]

Are you practicing in the lab? If so, just reboot the router. If not,
let me
know.

Carl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48388t=48377
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC address in router ARP table [7:48377]

[Bob Timmons]

clear arp-cache

 Is rebooting the only solution? I am thinking of any other possible
 method...

 -Original Message-
 From: Carl Timm
 To: [EMAIL PROTECTED]
 Sent: 09/07/2002 2:13 PM
 Subject: RE: MAC address in router ARP table [7:48377]

 Are you practicing in the lab? If so, just reboot the router. If not,
 let me
 know.

 Carl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48394t=48377
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC address in router ARP table [7:48377]

[cebuano]

Lim,
Two things regarding your post.
1. You can clear a single ARP CACHE entry using SNMP. Check this link...
http://www.cisco.com/warp/public/477/SNMP/clear_arp.shtml

2. Clearing the ARP-CACHE or REBOOTING the router will NOT allow you to 
duplicate a used STATICALLY assigned IP address. I don't know the rest
of
your network topology, so I'm assuming the IP you want to use for
another host is statically assigned to another host. Yes you'll have to
hunt this host down wherever it is and change its IP or release its
DHCP-assigned IP.

HTH,
Elmer

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Bob Timmons
Sent: Tuesday, July 09, 2002 7:30 AM
To: [EMAIL PROTECTED]
Subject: Re: MAC address in router ARP table [7:48377]

clear arp-cache

 Is rebooting the only solution? I am thinking of any other possible
 method...

 -Original Message-
 From: Carl Timm
 To: [EMAIL PROTECTED]
 Sent: 09/07/2002 2:13 PM
 Subject: RE: MAC address in router ARP table [7:48377]

 Are you practicing in the lab? If so, just reboot the router. If not,
 let me
 know.

 Carl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48399t=48377
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC address in router ARP table [7:48377]

[Michael Williams]

Shot in the dark here. =)

How about clear ip nat trans?  Could you use that to clear the errant NAT
entry to free up that IP address?

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48401t=48377
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC address in router ARP table [7:48377]

[LIM Chin Chye]

Is there any way to clear the MAC address from the Cisco router ARP table
individually?

I had removed the IP NAT statements and done CLEAR ARP on the routers, but I
am still able to ping the invalid IP address. I need to re-employ the IP for
other usage, but I encounters a clash of IP warning message was replied. How
can I clear away the old inforamtion?

Pls advice.
Lim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48377t=48377
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC Address of 0000:0000:0000 [7:46908]

[Ken Diliberto]

I've been seeing messages from our switches complaining about MAC address of
zero.  Any thoughts on a good search criteria for researching this problem? 
Better yet, anyone found such a problem?

Ken




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46908t=46908
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Ip helper address: which is the mac address? [7:44608]

[TP]

Dear group,
When my CPE  comes up, it makes a dhcp request. The DHCP server is located on
a different subnet .Between dhcp client (CPE) and dhcp server there is a
router whit ip helper-address configured.
My question is the following: if the DHCP server has to assign a specific IP
address to a specific MAC address (CPE's MAC address) but there is a router
between them, the DCHP will read the router MAC address...how does it works?
Where  DHCP will read the correct mac address before giving the right IP
address?

Thanks in advace,
Teresa




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44608t=44608
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Ip helper address: which is the mac address? [7:44608]

[M.C. van den Bovenkamp]

TP wrote:

 Where  DHCP will read the correct mac address before giving the right IP
 address?

From the CHADDR (Client Hardware ADDRess) field in the DHCP packet.

Regards,

Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44609t=44608
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Ip helper address: which is the mac address? [7:44608]

[Chris Charlebois]

The DHCP server doesn't read the actually MAC address of the client PC.  The
DHCP client builds a DHCP request packet that includes the client's MAC
address.  The DHCP relay just passes that packet to the DHCP server, along
with additional information (such as what subnet the request is coming from).


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44615t=44608
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP MAC address [7:44290]

[Love Cisco]

The HSRP has a virtual IP address and MAC address. Can somebody tell me how
the MAC address been chosen. Is that random?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44290t=44290
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP MAC address [7:44290]

[Tim Potier]

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44292t=44290
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC address and switch [7:42226]

[Tony Chen]

Please help a curious mind here, the link is to a white paper describing how
to configuring spanning tree.  In the document it describes each switch has
1024 mac address.

Configuring spanning tree

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/config/spantree.htm#xtocid2879613

MAC Address Allocation
The supervisor engine has a pool of 1024 MAC addresses that are used as the
bridge IDs for the VLAN spanning trees. You can use the show module command
to view the MAC address range for the supervisor engine.



Each switch has 1024(MAC)addresses. If I connected
port 8 switch A to port 8 switch B with RJ45 crossover
cable.

1. Will I have 2048 MAC addresses?
2. Do Ethernet switch come with their own MAC address?


Tony


***
This message is a private communication.  If you are not the intended
recipient, please do not read, copy, or use it, and do not disclose it
to others.  Please notify the sender of the delivery error by replying
to this message, and then delete it from your system.  Thank you.


-
Visit http://www.ballfoundation.org for our latest news.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42226t=42226
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC address and switch [7:42226]

[Priscilla Oppenheimer]

At 11:35 AM 4/22/02, Phil Barker wrote:
2.In order to run the spanning tree protocol the
switch needs to send multicast packets out any of its
ports (BPDUs').
These BPDU's need a source MAC address to distinguish
themselves from each other.

1. I think the 1024 MAC Addresses is referring to how
many MAC Addresses it could store in memory for the
purpose of switching/bridging.

i.e once 1024 MAC addresses have been learned it would
not add any others to the table since the memory would
be exhausted.


Phil,

Your answer makes sense, but remember this is Cisco we're talking about! ;-)

The link says The supervisor engine has a pool of 1024 MAC addresses that 
are used as the bridge IDs for the VLAN spanning trees. The link is 
referring to the switch's own MAC addresses, not the ones in its bridging 
table. The switch has so many MAC addresses because Cisco supports one 
spanning tree per VLAN. There's a different bridge ID for each VLAN.

Your are right, of course, that a bridge has a bridging table that stores 
the MAC addresses and port numbers for stations outside the bridge that the 
bridge has learned about. This is also sometimes called the MAC address 
table or content addressable memory (CAM). The Cisco Catalyst 1900 
(low-end) switch can remember 1024 MAC addresses. A high-end switch such as 
the Catalyst 6000 can remember 32,000 MAC addresses.

You are also right that the source address in a BPDU message is the MAC 
address of the port on the bridge that is transmitting the message. (The 
IEEE requires a bridge to have a distinct MAC address for each port.)

A bridge also has a Bridge ID, as mentioned. The low-order subfield of a 
Bridge ID is a 6-byte MAC address assigned to the bridge. This is a 
hard-coded number that is not designed to be changed by the user. Some 
Cisco switches use one of the MAC addresses of the switch supervisor module 
for the Bridge ID, whereas other Cisco switches use a MAC address assigned 
to the backplane of the switch.

Priscilla



Phil.


  --- Tony Chen  wrote: 
Please help a curious mind here, the link is to a
  white paper describing how
  to configuring spanning tree.  In the document it
  describes each switch has
  1024 mac address.
 
  Configuring spanning tree
 
 
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/config/spantree.htm#xtocid2879613
 
  MAC Address Allocation
  The supervisor engine has a pool of 1024 MAC
  addresses that are used as the
  bridge IDs for the VLAN spanning trees. You can use
  the show module command
  to view the MAC address range for the supervisor
  engine.
 
 
 
  Each switch has 1024(MAC)addresses. If I connected
  port 8 switch A to port 8 switch B with RJ45
  crossover
  cable.
 
  1. Will I have 2048 MAC addresses?
  2. Do Ethernet switch come with their own MAC
  address?
 
 
  Tony
 
 
 
***
  This message is a private communication.  If you are
  not the intended
  recipient, please do not read, copy, or use it, and
  do not disclose it
  to others.  Please notify the sender of the delivery
  error by replying
  to this message, and then delete it from your
  system.  Thank you.
 
 
 
-
  Visit http://www.ballfoundation.org for our latest
  news.
[EMAIL PROTECTED]

__
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42251t=42226
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC address and switch [7:42226]

[Michael L. Williams]

I was going to post the same answer (there's one built-in MAC for each
supported VLAN) but I didn't have any documents or info to back me up.
and I didn't wanna look like a fool =) (like I've NEVER done that... HA)

So I'll ride your coattails and say Yeah... that's what I was going to
say

Mike W.

Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Phil,

 Your answer makes sense, but remember this is Cisco we're talking about!
;-)

 The link says The supervisor engine has a pool of 1024 MAC addresses that
 are used as the bridge IDs for the VLAN spanning trees. The link is
 referring to the switch's own MAC addresses, not the ones in its bridging
 table. The switch has so many MAC addresses because Cisco supports one
 spanning tree per VLAN. There's a different bridge ID for each VLAN.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42256t=42226
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Finding a MAC address [7:38560]

[jorge rodriguez]

Depending on varios scenarios:

Assuming the following:
If users worksations are WindowsNT stations and properly configure WINS 
servers you can simply retreave the MAC address by entering the host IP 
address at the windowsnt command-line e.g.  nbtstat -a  ip-address

If you have Catalyst switches you can retreave their connected port by
entering in the switch enable mode CLI e.g show cam dyn .. 
48bit mac address, this command example assumes you have the set base 
catalysts switches, for the IOS base catalyst it would be, e.g.
show mac-address-table address .. .
These commands will pin-point which bridge-port on the switch the 
MAC-address comes from.






Jorge / CCNA CCNP / CCIE Wannabe /

[EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.learncisco.n3.net









Jeffrey Reed wrote:

 What utilities are you guys using to find MAC addresses across a large
 campus network? If I have an end users IP address, check the routers ARP
 for their MAC, whats the easiest way to find out which switch port?
 
 Thanks!!
 
 Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40731t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Finding a MAC address [7:38560]

[Jorge Rodriguez]

Depending on varios scenarios:

Assuming the following:
If users worksations are WindowsNT stations and properly configure WINS 
servers you can simply retreave the MAC address by entering the host IP 
address at the windowsnt command-line e.g.  nbtstat -a  ip-address

If you have Catalyst switches you can retreave their connected port by
entering in the switch enable mode CLI e.g show cam dyn .. 
48bit mac address, this command example assumes you have the set base 
catalysts switches, for the IOS base catalyst it would be, e.g.
show mac-address-table address .. .
These commands will pin-point which bridge-port on the switch the 
MAC-address comes from.






Jorge / CCNA CCNP / CCIE Wannabe /

[EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.learncisco.n3.net









Jeffrey Reed wrote:

 What utilities are you guys using to find MAC addresses across a large
 campus network? If I have an end users IP address, check the routers ARP
 for their MAC, whats the easiest way to find out which switch port?
 
 Thanks!!
 
 Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40730t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Finding a MAC address [7:38560]

[Larry Letterman]

The show cam command uses the mac format of 00-00-00-00-00-00
not the same as the ios command, which uses the ..
format.


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
jorge rodriguez
Sent: Sunday, April 07, 2002 12:07 AM
To: [EMAIL PROTECTED]
Subject: Re: Finding a MAC address [7:38560]


Depending on varios scenarios:

Assuming the following:
If users worksations are WindowsNT stations and properly configure WINS
servers you can simply retreave the MAC address by entering the host IP
address at the windowsnt command-line e.g.  nbtstat -a  ip-address

If you have Catalyst switches you can retreave their connected port by
entering in the switch enable mode CLI e.g show cam dyn ..
48bit mac address, this command example assumes you have the set base
catalysts switches, for the IOS base catalyst it would be, e.g.
show mac-address-table address .. .
These commands will pin-point which bridge-port on the switch the
MAC-address comes from.






Jorge / CCNA CCNP / CCIE Wannabe /

[EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.learncisco.n3.net









Jeffrey Reed wrote:

 What utilities are you guys using to find MAC addresses across a large
 campus network? If I have an end users IP address, check the routers ARP
 for their MAC, whats the easiest way to find out which switch port?

 Thanks!!

 Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40763t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Finding a MAC address [7:38560]

[jorge rodriguez]

Correct 

[EMAIL PROTECTED] wrote:

The show cam command uses the mac format of 00-00-00-00-00-00
not the same as the ios command, which uses the ..
format.


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
jorge rodriguez
Sent: Sunday, April 07, 2002 12:07 AM
To: [EMAIL PROTECTED]
Subject: Re: Finding a MAC address [7:38560]


Depending on varios scenarios:

Assuming the following:
If users worksations are WindowsNT stations and properly configure WINS
servers you can simply retreave the MAC address by entering the host IP
address at the windowsnt command-line e.g.  nbtstat -a  ip-address

If you have Catalyst switches you can retreave their connected port by
entering in the switch enable mode CLI e.g show cam dyn ..
48bit mac address, this command example assumes you have the set base
catalysts switches, for the IOS base catalyst it would be, e.g.
show mac-address-table address .. .
These commands will pin-point which bridge-port on the switch the
MAC-address comes from.






Jorge / CCNA CCNP / CCIE Wannabe /

[EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.learncisco.n3.net









Jeffrey Reed wrote:

What utilities are you guys using to find MAC addresses across a large
campus network? If I have an end users IP address, check the routers ARP
for their MAC, whats the easiest way to find out which switch port?

Thanks!!

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40775t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Finding a MAC address [7:38560]

[Jeffrey Reed]

I appreciate the help on this question. I think I need to further define my
question. How do you find out which switch a MAC address resides in a large
network environment. I am working with several large colleges/universities
who need to find a student's location in the network. They know the MAC
address or IP, but not the student who owns its. They all have over 2000+
students and many switches/hubs where these students reside. The typically
have only 1-3 VLANS for students, so its tough to narrow down the location.
Some of them used to run Cabletron equipment and their proprietary VLAN
software called SecureFast. SecureFast maintained a searchable directory
with MAC, network address (IP, IPX, A-talk, Netbios etc.), switch, port, DNS
name etc. It was very easy to find a MAC address within seconds. Now we are
moving to 802.1Q and Cisco switches and are having severe withdraw. There
must be an easy way to insert a MAC or IP address and find it in the CAM
table without a lot of manual effort.

Thanks again, I appreciate the help!!

Jeffrey Reed
Classic Networking, Inc.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Larry
Letterman
Sent: Saturday, March 16, 2002 6:35 PM
To: [EMAIL PROTECTED]
Subject: RE: Finding a MAC address [7:38560]

On the router you can do a 'sh mac-addr-table addr --(mac addr)
and it will show you the interface that the Mac-addr is on.

On switches you can do a 'show cam xx-xx-xx-xx-xx-xx and it should give you
the port on the switch where the mac-addr is..

This works on our 6500 switches with msfc routing and supervisor cards..


Larry Letterman
Cisco Systems
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Jeffrey Reed
Sent: Saturday, March 16, 2002 2:15 PM
To: [EMAIL PROTECTED]
Subject: Finding a MAC address [7:38560]


What utilities are you guys using to find MAC addresses across a large
campus network? If I have an end users IP address, check the routers ARP
for their MAC, whats the easiest way to find out which switch port?

Thanks!!

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38601t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Finding a MAC address [7:38560]

[Michael Williams]

I agree with the previous poster.  If you know the router acting as the
gateway for the IP, start there and go step by step.  It sounds like a
hassle, but I can assure you that usually users are usually no more than a
few layer 2 hops away from their gateway router.  Shouldn't take more than a
minute to pinpoint an exact switchport given the MAC (or IP).  I do this all
the time, and it's a piece of cake.

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38604t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Finding a MAC address [7:38560]

[Mike Smith]

There's a tool built into CiscoWorks that will tell you which port a MAC 
address is connected to.  It matches the switch CAM tables to the router 
ARP tables, so you can search by IP or MAC address.

-Mike


Mike Smith
Network Administrator
Information Technology Services
Bowling Green State University
Email:[EMAIL PROTECTED]
Phone (419) 372-9510

I appreciate the help on this question. I think I need to further define my
question. How do you find out which switch a MAC address resides in a large
network environment. I am working with several large colleges/universities
who need to find a student's location in the network. They know the MAC
address or IP, but not the student who owns its. They all have over 2000+
students and many switches/hubs where these students reside. The typically
have only 1-3 VLANS for students, so its tough to narrow down the location.
Some of them used to run Cabletron equipment and their proprietary VLAN
software called SecureFast. SecureFast maintained a searchable directory
with MAC, network address (IP, IPX, A-talk, Netbios etc.), switch, port, DNS
name etc. It was very easy to find a MAC address within seconds. Now we are
moving to 802.1Q and Cisco switches and are having severe withdraw. There
must be an easy way to insert a MAC or IP address and find it in the CAM
table without a lot of manual effort.

Thanks again, I appreciate the help!!

Jeffrey Reed
Classic Networking, Inc.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Larry
Letterman
Sent: Saturday, March 16, 2002 6:35 PM
To: [EMAIL PROTECTED]
Subject: RE: Finding a MAC address [7:38560]

On the router you can do a 'sh mac-addr-table addr --(mac addr)
and it will show you the interface that the Mac-addr is on.

On switches you can do a 'show cam xx-xx-xx-xx-xx-xx and it should give you
the port on the switch where the mac-addr is..

This works on our 6500 switches with msfc routing and supervisor cards..


Larry Letterman
Cisco Systems
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Jeffrey Reed
Sent: Saturday, March 16, 2002 2:15 PM
To: [EMAIL PROTECTED]
Subject: Finding a MAC address [7:38560]


What utilities are you guys using to find MAC addresses across a large
campus network? If I have an end users IP address, check the routers ARP
for their MAC, whats the easiest way to find out which switch port?

Thanks!!

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38617t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Finding a MAC address [7:38560]

[Jeffrey Reed]

What utilities are you guys using to find MAC addresses across a large
campus network? If I have an end users IP address, check the routers ARP
for their MAC, whats the easiest way to find out which switch port?

Thanks!!

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38560t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Finding a MAC address [7:38560]

[Bond, Jeffrey T]

Solar Wind has a utility that is apart of the Engineering edition that is
used to get Mac addresses or use Cisco Works


-Original Message-
From: Jeffrey Reed [mailto:[EMAIL PROTECTED]]
Sent: Saturday, March 16, 2002 5:15 PM
To: [EMAIL PROTECTED]
Subject: Finding a MAC address [7:38560]


What utilities are you guys using to find MAC addresses across a large
campus network? If I have an end users IP address, check the routers ARP
for their MAC, whats the easiest way to find out which switch port?

Thanks!!

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38562t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Finding a MAC address [7:38560]

[Larry Letterman]

On the router you can do a 'sh mac-addr-table addr --(mac addr)
and it will show you the interface that the Mac-addr is on.

On switches you can do a 'show cam xx-xx-xx-xx-xx-xx and it should give you
the port on the switch where the mac-addr is..

This works on our 6500 switches with msfc routing and supervisor cards..


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Jeffrey Reed
Sent: Saturday, March 16, 2002 2:15 PM
To: [EMAIL PROTECTED]
Subject: Finding a MAC address [7:38560]


What utilities are you guys using to find MAC addresses across a large
campus network? If I have an end users IP address, check the routers ARP
for their MAC, whats the easiest way to find out which switch port?

Thanks!!

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38564t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Finding a MAC address [7:38560]

[MADMAN]

If your talking catalyst:

C6509 (enable) sh cam 00-60-08-b0-a2-46
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry

VLAN  Dest MAC/Route Des[CoS]  Destination Ports or VCs / [Protocol Type]
  --- 
---
5600-60-08-b0-a2-46 5/35 [ALL]
Total Matching CAM Entries Displayed  =1
C6509 (enable)

  Dave

Jeffrey Reed wrote:

 What utilities are you guys using to find MAC addresses across a large
 campus network? If I have an end users IP address, check the routers ARP
 for their MAC, whats the easiest way to find out which switch port?

 Thanks!!

 Jeff
--
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications Inc.
612-664-3367
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38568t=38560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

mac address searcher [7:37143]

[steve skinner]

Guys,

you assistance if you please..

i am looking for a new tool to help me automate a task...

i work for a global company with multiple it teams,who like to move multiple 
it servers willy-nilly...

i suppport the switches 65`s but due to politics i am not allowed to set 
port secuirty on them...

is there any tool out there that will queiry a cisco switch and tell me if 
it has a MAC record in its cam table..

i have got 60 65`s in 18 different MAN locations...and christ knows how many 
servers...

it`s just i am lazy and dont want to keep typing

Sh ip arp and sh cam dyn all the time...

any help would be great.

TIA

steve

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp;




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=37143t=37143
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: mac address searcher [7:37143]

[Sasa Milic]

CiscoWorks/Campus Manager knows to do that.

Sasa
CCIE #8635

steve skinner wrote:
 
 Guys,
 
 you assistance if you please..
 
 i am looking for a new tool to help me automate a task...
 
 i work for a global company with multiple it teams,who like to move
multiple
 it servers willy-nilly...
 
 i suppport the switches 65`s but due to politics i am not allowed to set
 port secuirty on them...
 
 is there any tool out there that will queiry a cisco switch and tell me if
 it has a MAC record in its cam table..
 
 i have got 60 65`s in 18 different MAN locations...and christ knows how
many
 servers...
 
 it`s just i am lazy and dont want to keep typing
 
 Sh ip arp and sh cam dyn all the time...
 
 any help would be great.
 
 TIA
 
 steve
 
 _
 Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp;




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=37181t=37143
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

dialup mac address [7:36394]

[Patrick Ramsey]

hey group

I've got a 3640 with a couple'a pri's and two modem banks... I want to give
vendors access to very specific servers through a firewall... (netscreen) 
My original thought was to place the vendor's mac address for it's dialup
adapter in dhcp and assign it the same ip every timethen base the ACL's
to each server on the vendor ip address...

All the searching I have done on the web say dialup adapters have generic
mac addresses, ie 44-45-53-54-00-00 ... How can I get the 3640 to dole out
specfic ip's to vendors?  How do isp's keep up with leases if this is the
case?

-Patrick


  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36394t=36394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: dialup mac address [7:36394]

[Hire, Ejay]

You can assign them a specific IP and/or privledges based on username using
radius.

-Original Message-
From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 25, 2002 12:29 PM
To: [EMAIL PROTECTED]
Subject: dialup mac address [7:36394]


hey group

I've got a 3640 with a couple'a pri's and two modem banks... I want to give
vendors access to very specific servers through a firewall... (netscreen) 
My original thought was to place the vendor's mac address for it's dialup
adapter in dhcp and assign it the same ip every timethen base the ACL's
to each server on the vendor ip address...

All the searching I have done on the web say dialup adapters have generic
mac addresses, ie 44-45-53-54-00-00 ... How can I get the 3640 to dole out
specfic ip's to vendors?  How do isp's keep up with leases if this is the
case?

-Patrick


  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36408t=36394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: dialup mac address [7:36394]

[Mohannad Khuffash]

Hello,
Without using any AAA server, you nac assign specific IP address by using
dialer pool .


Mohannad Khuffash
PalTel


Patrick Ramsey  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 hey group

 I've got a 3640 with a couple'a pri's and two modem banks... I want to
give
 vendors access to very specific servers through a firewall... (netscreen)
 My original thought was to place the vendor's mac address for it's dialup
 adapter in dhcp and assign it the same ip every timethen base the
ACL's
 to each server on the vendor ip address...

 All the searching I have done on the web say dialup adapters have generic
 mac addresses, ie 44-45-53-54-00-00 ... How can I get the 3640 to dole out
 specfic ip's to vendors?  How do isp's keep up with leases if this is the
 case?

 -Patrick


   Confidentiality DisclaimerThis email and any files
transmitted with it may contain confidential and
 /or proprietary information in the possession of WellStar Health System,
 Inc. (WellStar) and is intended only for the individual or entity to
whom
 addressed.  This email may contain information that is held to be
 privileged, confidential and exempt from disclosure under applicable law.
If
 the reader of this message is not the intended recipient, you are hereby
 notified that any unauthorized access, dissemination, distribution or
 copying of any information from this email is strictly prohibited, and may
 subject you to criminal and/or civil liability. If you have received this
 email in error, please notify the sender by reply email and then delete
this
 email and its attachments from your computer. Thank you.

 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36415t=36394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: dialup mac address [7:36394]

[Patrick Ramsey]

Can I assume secure ACS does this?

 Hire, Ejay  02/25/02 01:24PM 
You can assign them a specific IP and/or privledges based on username using
radius.

-Original Message-
From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] 
Sent: Monday, February 25, 2002 12:29 PM
To: [EMAIL PROTECTED] 
Subject: dialup mac address [7:36394]


hey group

I've got a 3640 with a couple'a pri's and two modem banks... I want to give
vendors access to very specific servers through a firewall... (netscreen) 
My original thought was to place the vendor's mac address for it's dialup
adapter in dhcp and assign it the same ip every timethen base the ACL's
to each server on the vendor ip address...

All the searching I have done on the web say dialup adapters have generic
mac addresses, ie 44-45-53-54-00-00 ... How can I get the 3640 to dole out
specfic ip's to vendors?  How do isp's keep up with leases if this is the
case?

-Patrick


  Confidentiality Disclaimer Confidentiality
Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36416t=36394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco Practical Studies, Multiple MAC Address [7:35935]

[Derek Gaff]

Hi there

In the Cisco Press Practical Studies Book, page 1159 under Misc Cisco IOS
Software Configuration there as follows.

A mainframe resides on VLAN 2. It has three IP addresses: 165.10.10.100, 101
and 102. These IP Addresses correspond to a single MAC Address of
2200.0001.0001. Configure the Router R4, to support forwarding traffic to a
single MAC address for all these IP addresses.

Does anybody know were I can get some information on how to configure this as
I have looked around the Cisco web site and cannot find anything on this
(Maybe I am serching for the wrong thing).

Thanks in advance

Cheers

Derek




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35935t=35935
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco Practical Studies, Multiple MAC Address [7:35935]

[Vincent Miller]

HSRP
standby use-bia [scope 
  interface] 

  Configure HSRP to use
the burned-in address of an interface as its virtual MAC address
  instead of the
preassigned MAC address (on Ethernet and FDDI) or the functional
  address (on Token Ring).


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36007t=35935
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address format [7:35179]

[Jason]

ROTFL

Chris Charlebois  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Simple.  Follow this procedure.

 1) Get a clean sheet of white paper and a #2 pencil.

 2) Write down, in pencil, the MAC address from the Cisco Router exactly as
 displayed, but leave space between each character.

 3) Using the eraser end of the pencil, erase all periods.

 4) Using the pencil, insert a colon after every 2nd number.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35403t=35179
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Mac address [7:35302]

[Kwame]

Is it possible to add a dynamic mac address to a cisco catalyst switch?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35302t=35302
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Dynamic Mac Address Assignment [7:35303]

[Kwame]

Pls ignore my previous post b'cos it's wrongly frame. Here's what I want to
ask:

Is it possible to assign a mac address to a catalyst switch such that the
switch would not use the burned-in-mac but rather use the assigned mac?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35303t=35303
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Dynamic Mac Address Assignment [7:35303]

[Joseph Brunner]

IOS based switch -

3524XL_ATL(config-if)#mac-address ?
  H.H.H  MAC address



Joseph Brunner
ASN 21572
MortgageIT MITLending
New York, NY 10038
(212) 651 - 7695 Voice
(212) 651 - 7795 Fax



-Original Message-
From: Kwame [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 10:11 AM
To: [EMAIL PROTECTED]
Subject: Dynamic Mac Address Assignment [7:35303]


Pls ignore my previous post b'cos it's wrongly frame. Here's what I want to
ask:

Is it possible to assign a mac address to a catalyst switch such that the
switch would not use the burned-in-mac but rather use the assigned mac?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35309t=35303
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC Address format [7:35179]

[Charles Lomotey]

Hi All,

I have to a MAC address shown as 0008.0050.8db2 on my cisco and want to
block it on my 3com lan switch which has MAC addresses in the format eg.
00:01:03:28:4c:3d

How do I convert the Cisco MAC to this other format?

Charles






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35179t=35179
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address format [7:35179]

[Chris Charlebois]

Simple.  Follow this procedure.

1) Get a clean sheet of white paper and a #2 pencil.

2) Write down, in pencil, the MAC address from the Cisco Router exactly as
displayed, but leave space between each character.

3) Using the eraser end of the pencil, erase all periods.

4) Using the pencil, insert a colon after every 2nd number.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35194t=35179
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAC Address format [7:35203]

[Logan, Harold]

Those are both valid MAC formats. Your router's MAC is
00:08:00:50:8d:b2. Same hex digits, different way of writing them.

Hal

-Original Message-
From: Charles Lomotey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 12, 2002 7:08 AM
To: [EMAIL PROTECTED]; Logan, Harold; Charles Lomotey;
[EMAIL PROTECTED]
Subject: MAC Address format


Hi All,

I have to a MAC address shown as 0008.0050.8db2 on my cisco and want to
block it on my 3com lan switch which has MAC addresses in the format eg.
00:01:03:28:4c:3d

How do I convert the Cisco MAC to this other format?

Charles


  _




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35203t=35203
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address format [7:35203]

[Chuck]

In fairness to the original poster, different manufacturers, and even within
Cisco, different product lines, have different ways of entering/configuring
MAC's.

True, a MAC is 48 bits, and true, there are different ways of representing
them. Most books I have read use the .. format. some sources
might use colons instead of periods.

But in terms of configuration, on a Cisco router the configuration format is
1224.5678.abcd while on a catalyst 5000 switch the format is
12-34-56-78-ab-cd

The guy who posted the original question noted that on 3com garbage
equipment the format is 12:23:56:78:ab:cd

Chuck


Logan, Harold  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Those are both valid MAC formats. Your router's MAC is
 00:08:00:50:8d:b2. Same hex digits, different way of writing them.

 Hal

 -Original Message-
 From: Charles Lomotey [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, February 12, 2002 7:08 AM
 To: [EMAIL PROTECTED]; Logan, Harold; Charles Lomotey;
 [EMAIL PROTECTED]
 Subject: MAC Address format


 Hi All,

 I have to a MAC address shown as 0008.0050.8db2 on my cisco and want to
 block it on my 3com lan switch which has MAC addresses in the format eg.
 00:01:03:28:4c:3d

 How do I convert the Cisco MAC to this other format?

 Charles


   _




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35208t=35203
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Block this MAC address! [7:34953]

[Steven A. Ridder]

You can block it with MQC.  Just match on that mac address then give him
zero bw, like the nimda fix you could do on Cisco routers.

Look up MQC and nimda.


Brian Dennis  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 If memory serves me correct, on a router, the MAC address access-list will
 not work for a protocol if you're routing that protocol. It's used for
 bridged traffic. If you're routing IP and need to filter based on a MAC
 address you might try looking into using a BVI.

 Another easier solution would be to just allow from the customer only the
IP
 addresses that are assigned to the customer.

 Brian Dennis, CCIE #2210 (RS)(ISP/Dial)


 Chuck Larrieu wrote:

  absolutely. you want something in either the 700-799 range or 1100-1199
  range. see router output below:I've never actually implemented one of
  these in real or lab. the choices seem to be permit or deny. There does
  not appear to be a lot of flexibility here, as with an IP access list.
 
  R1(config)#access-list ?  (edited )
 Extended 48-bit MAC address access list
   48-bit MAC address access list
 
  HTH
 
  Chuck
 
 
  Charles Lomotey  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi,
 
  Is it possible to block a MAC address on an interface by accesslist
  or.??
 
  I have this annoying customer playing around with their IP adresses and
  bringing down the whole network
  Charles
 

 
  Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35028t=34953
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Block this MAC address! [7:34953]

[Charles Lomotey]

Hi,

Is it possible to block a MAC address on an interface by accesslist
or.??

I have this annoying customer playing around with their IP adresses and
bringing down the whole network
Charles






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34953t=34953
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Block this MAC address! [7:34953]

[Chuck Larrieu]

absolutely. you want something in either the 700-799 range or 1100-1199
range. see router output below:I've never actually implemented one of these
in real or lab. the choices seem to be permit or deny. There does not appear
to be a lot of flexibility here, as with an IP access list.

R1(config)#access-list ?  (edited )
   Extended 48-bit MAC address access list
 48-bit MAC address access list

HTH

Chuck


Charles Lomotey  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,

 Is it possible to block a MAC address on an interface by accesslist
 or.??

 I have this annoying customer playing around with their IP adresses and
 bringing down the whole network
 Charles

 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34967t=34953
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Block this MAC address! [7:34953]

[Brian Dennis]

If memory serves me correct, on a router, the MAC address access-list will 
not work for a protocol if you're routing that protocol. It's used for 
bridged traffic. If you're routing IP and need to filter based on a MAC 
address you might try looking into using a BVI.

Another easier solution would be to just allow from the customer only the IP 
addresses that are assigned to the customer. 

Brian Dennis, CCIE #2210 (RS)(ISP/Dial)


Chuck Larrieu wrote:

 absolutely. you want something in either the 700-799 range or 1100-1199
 range. see router output below:I've never actually implemented one of
 these in real or lab. the choices seem to be permit or deny. There does
 not appear to be a lot of flexibility here, as with an IP access list.
 
 R1(config)#access-list ?  (edited )
Extended 48-bit MAC address access list
  48-bit MAC address access list
 
 HTH
 
 Chuck
 
 
 Charles Lomotey  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,

 Is it possible to block a MAC address on an interface by accesslist
 or.??

 I have this annoying customer playing around with their IP adresses and
 bringing down the whole network
 Charles

 
 Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34969t=34953
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: Block this MAC address! [7:34953]

[John Neiberger]

Correct me if I'm wrong, but I seem to remember that MAC-
address access lists only work on bridged interfaces.  Is that 
the case?  I seem to remember reading that somewhere.  I'll 
have to double check.

John




Get your own 800 number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag


 On Sat, 9 Feb 2002, Chuck Larrieu ([EMAIL PROTECTED]) 
wrote:

 absolutely. you want something in either the 700-799 range or 
1100-1199
 range. see router output below:I've never actually 
implemented one of
 these
 in real or lab. the choices seem to be permit or deny. There 
does not
 appear
 to be a lot of flexibility here, as with an IP access list.
 
 R1(config)#access-list ?  (edited )
Extended 48-bit MAC address access list
  48-bit MAC address access list
 
 HTH
 
 Chuck
 
 
 Charles Lomotey  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi,
 
  Is it possible to block a MAC address on an interface by 
accesslist
  or.??
 
  I have this annoying customer playing around with their IP 
adresses
 and
  bringing down the whole network
  Charles
 
 
 --
--
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34980t=34953
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Mac address for Serial Ports?? [7:31898]

[Cisco Nuts]

Hello,
Is there a way of verifying that a serial port in borrowing the mac address 
of the Ethernet/Tr port when it is connecting to another router in an IP 
network?
I see this in an ipx network but not in an ip network. sh ipx int s0

I tried the debug ip packet, detail, debug arp, debug broadcast etc. but I 
am not seeing that the serial port is using a mac address.

What test can I do on my router to check that the serial port does borrow 
the first available Mac address of a Ethernet port on a router?

Thank you.

_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31898t=31898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Mac address for Serial Ports?? [7:31898]

[Priscilla Oppenheimer]

Serial interfaces don't have MAC addresses. IPX is a special case because 
the network-layer node address IS the MAC address.

Think about frame formats and identifications for WAN protocols. What 
identifies the sender in Frame Relay? A DLCI. How about ATM? A VPI/VCI 
pair. How about PPP? No need because it's point-to-point. How about HDLC. 
No need because it's point-to-point (in Cisco HDLC anyway).

How does a network layer address get mapped to a data-link identifier? 
Static mapping or Inverse ARP for some protocols. PPP has the NCP which 
sits between the two layers.

Priscilla

At 02:51 PM 1/14/02, Cisco Nuts wrote:
Hello,
Is there a way of verifying that a serial port in borrowing the mac address
of the Ethernet/Tr port when it is connecting to another router in an IP
network?
I see this in an ipx network but not in an ip network. sh ipx int s0

I tried the debug ip packet, detail, debug arp, debug broadcast etc. but I
am not seeing that the serial port is using a mac address.

What test can I do on my router to check that the serial port does borrow
the first available Mac address of a Ethernet port on a router?

Thank you.

_
Join the worlds largest e-mail service with MSN Hotmail.
http://www.hotmail.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31904t=31898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Mac address for Serial Ports?? [7:31898]

[Priscilla Oppenheimer]

At 10:50 PM 1/14/02, Cisco Nuts wrote:
Sorry Priscilla but I am trying to understand, IP does not need a mac 
address to get to the next hop( on a point-to-point netw - PPP or HDLC)!! 
Why? Because it is a point-to-point as you say? But I thought ip was layer 
three.

It is Layer 3, but in most cases to send an IP packet requires a Layer 2 
address also. But not if there's only one possible recipient, the other end 
of the point-to-point link.

I'm not sure I understand your confusion, but maybe this will help. Compare 
IP on a LAN to IP on a WAN. For example, assume you have configured IP 
addresses on some Ethernet stations and also on some router serial 
interfaces and you're doing some pinging.

A LAN device sends an ARP packet to find the MAC address that maps to the 
destination IP address. On a point-to-point WAN, a device doesn't do this. 
It assumes there's only one place the packet can go -- to the other end.

Also compare this to Frame Relay and ATM. In this case, a device learns in 
advance through Inverse ARP which data-link identifier to use when sending 
to an IP address.

Maybe the point is just too obvious or you haven't thought about the fact 
that a point-to-point link is a special case

Please send questions to the group. I like to answer to the group so that 
everyone benefits from the answer and any discussion that follows.

Priscilla


I understand in terms of ATM or FR but ip on a point-to-point?
Am I missing something here?
Sorry, can you help?


From: Priscilla Oppenheimer 
Reply-To: Priscilla Oppenheimer 
To: [EMAIL PROTECTED]
Subject: Re: Mac address for Serial Ports?? [7:31898]
Date: Mon, 14 Jan 2002 15:37:15 -0500

Serial interfaces don't have MAC addresses. IPX is a special case because
the network-layer node address IS the MAC address.

Think about frame formats and identifications for WAN protocols. What
identifies the sender in Frame Relay? A DLCI. How about ATM? A VPI/VCI
pair. How about PPP? No need because it's point-to-point. How about HDLC.
No need because it's point-to-point (in Cisco HDLC anyway).

How does a network layer address get mapped to a data-link identifier?
Static mapping or Inverse ARP for some protocols. PPP has the NCP which
sits between the two layers.

Priscilla

At 02:51 PM 1/14/02, Cisco Nuts wrote:
 Hello,
 Is there a way of verifying that a serial port in borrowing the mac
address
 of the Ethernet/Tr port when it is connecting to another router in an IP
 network?
 I see this in an ipx network but not in an ip network. sh ipx int s0
 
 I tried the debug ip packet, detail, debug arp, debug broadcast etc. but
I
 am not seeing that the serial port is using a mac address.
 
 What test can I do on my router to check that the serial port does borrow
 the first available Mac address of a Ethernet port on a router?
 
 Thank you.
 
 _
 Join the worlds largest e-mail service with MSN Hotmail.
 http://www.hotmail.com


Priscilla Oppenheimer
http://www.priscilla.com
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.





Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31919t=31898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Mac address for Serial Ports?? [7:31898]

[Cisco Nuts]

Thank you very much.
Yes, I do understand now.
Regards.


From: Priscilla Oppenheimer 
Reply-To: Priscilla Oppenheimer 
To: [EMAIL PROTECTED]
Subject: Re: Mac address for Serial Ports?? [7:31898]
Date: Mon, 14 Jan 2002 18:33:24 -0500

At 10:50 PM 1/14/02, Cisco Nuts wrote:
 Sorry Priscilla but I am trying to understand, IP does not need a mac
 address to get to the next hop( on a point-to-point netw - PPP or HDLC)!!
 Why? Because it is a point-to-point as you say? But I thought ip was 
layer
 three.

It is Layer 3, but in most cases to send an IP packet requires a Layer 2
address also. But not if there's only one possible recipient, the other end
of the point-to-point link.

I'm not sure I understand your confusion, but maybe this will help. Compare
IP on a LAN to IP on a WAN. For example, assume you have configured IP
addresses on some Ethernet stations and also on some router serial
interfaces and you're doing some pinging.

A LAN device sends an ARP packet to find the MAC address that maps to the
destination IP address. On a point-to-point WAN, a device doesn't do this.
It assumes there's only one place the packet can go -- to the other end.

Also compare this to Frame Relay and ATM. In this case, a device learns in
advance through Inverse ARP which data-link identifier to use when sending
to an IP address.

Maybe the point is just too obvious or you haven't thought about the fact
that a point-to-point link is a special case

Please send questions to the group. I like to answer to the group so that
everyone benefits from the answer and any discussion that follows.

Priscilla


 I understand in terms of ATM or FR but ip on a point-to-point?
 Am I missing something here?
 Sorry, can you help?
 
 
 From: Priscilla Oppenheimer
 Reply-To: Priscilla Oppenheimer
 To: [EMAIL PROTECTED]
 Subject: Re: Mac address for Serial Ports?? [7:31898]
 Date: Mon, 14 Jan 2002 15:37:15 -0500
 
 Serial interfaces don't have MAC addresses. IPX is a special case 
because
 the network-layer node address IS the MAC address.
 
 Think about frame formats and identifications for WAN protocols. What
 identifies the sender in Frame Relay? A DLCI. How about ATM? A VPI/VCI
 pair. How about PPP? No need because it's point-to-point. How about 
HDLC.
 No need because it's point-to-point (in Cisco HDLC anyway).
 
 How does a network layer address get mapped to a data-link identifier?
 Static mapping or Inverse ARP for some protocols. PPP has the NCP which
 sits between the two layers.
 
 Priscilla
 
 At 02:51 PM 1/14/02, Cisco Nuts wrote:
  Hello,
  Is there a way of verifying that a serial port in borrowing the mac
address
  of the Ethernet/Tr port when it is connecting to another router in an 
IP
  network?
  I see this in an ipx network but not in an ip network. sh ipx int s0
  
  I tried the debug ip packet, detail, debug arp, debug broadcast etc. 
but
I
  am not seeing that the serial port is using a mac address.
  
  What test can I do on my router to check that the serial port does 
borrow
  the first available Mac address of a Ethernet port on a router?
  
  Thank you.
  
  _
  Join the worlds largest e-mail service with MSN Hotmail.
  http://www.hotmail.com
 
 
 Priscilla Oppenheimer
 http://www.priscilla.com
 _
 Get your FREE download of MSN Explorer at 
http://explorer.msn.com/intl.asp.
 




Priscilla Oppenheimer
http://www.priscilla.com
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31922t=31898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: CCNP Switching - Mapping MAC address to IP Multicast [7:10]

[Kaminski, Shawn G]

Re-Post

-Original Message-
From: Kaminski, Shawn G 
Sent: Wednesday, December 12, 2001 10:17 AM
To: 'Sergio'
Cc: 'Groupstudy'
Subject: RE: CCNP Switching - Mapping MAC address to IP Multicast [7:10]


Don't worry about MAC-to-IP Multicast Address conversion, only IP Multicast
Address-to-MAC conversion. What you're doing is converting the decimal
Multicast IP address to hexadecimal.

Here's what you need to remember:
1.All Multicast IP addresses range from 224 through 239 in the first octet.
2.All Multicast MAC addresses begin with 01.00.5e 
3.When converting from decimal to hexadecimal, the second octet of the
Multicast IP address must fall between 0 and 127. If it is more than 127,
you must subtract 128 from it to get between 0 and 127. 4.Cisco doesn't
expect you to memorize the decimal-to-hexadecimal conversions. They will
give you a chart on the exam.

Here's a few examples:

1.Given the address 223.128.37.255, map this to its equivalent Multicast MAC
address.

Answer: You can't because the first octet 223 doesn't fall between the
Multicast range of 224 through 239.



2.Given the address 225.128.37.255, map this to its equivalent Multicast MAC
address.

Answer: 
A.Remember, all Multicast MAC addresses begin with 01.00.5e. So, the 225
portion (first octet) of the Multicast IP address becomes 01.00.5e. B.The
second octet does not fall between 0 and 127, so subtract 128 from it.
128-128=0. 0 converted to hexadecimal is 00. C.The third octet just gets
converted to hexadecimal. It doesn't have to fall between 0 and 127. So, 37
converted to hexadecimal is 25. D.The fourth octet just gets converted to
hexadecimal. It doesn't have to fall between 0 and 127. So, 255 converted to
hexadecimal is e1.

So, the Multicast IP address 225.128.37.255 converted, or mapped, to its
equivalent Multicast MAC address is 01.00.5e.00.25.e1


Shawn  

-Original Message-
From: Sergio [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, December 11, 2001 3:33 PM
To: [EMAIL PROTECTED]
Subject: CCNP Switching - Mapping MAC address to IP Multicast [7:10]


Hi all. This is my first message here. Greetings from Spain ;)

Now, i have a question for you. I'm preparing my CCNP Switching exam, and
now im reading about IP Multicast.

The book says that IANA reserved some MAC address for using with IP
Multicast. The book also says that MAC addresses must be mapped to IP
Multicast address, and it explains how to map them. But i cant understand
it. I dont understand how to map MAC address to IP Multicast addresses.

Can u help me?

Thanks in advice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29084t=10
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Switching - Mapping MAC address to IP Multicast [7:10]

[Karen E Young]

Sergio,

Here's a link to Cisco's internal IP Multicast Training.Thought it might be
of use to you.
ftp://ftpeng.cisco.com/ipmulticast/training/index.html

As for mapping addresses...
ftp://ftpeng.cisco.com/ipmulticast/whitepapers/technology_overview/index.html

Hope this helps

*** REPLY SEPARATOR  ***

On 12/11/2001 at 3:32 PM Sergio wrote:

Hi all. This is my first message here. Greetings from Spain ;)

Now, i have a question for you. I'm preparing my CCNP Switching exam, and
now
im reading about IP Multicast.

The book says that IANA reserved some MAC address for using with IP
Multicast.
The book also says that MAC addresses must be mapped to IP Multicast
address,
and it explains how to map them. But i cant understand it. I dont
understand
how to map MAC address to IP Multicast addresses.

Can u help me?

Thanks in advice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28943t=10
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: CCNP Switching - Mapping MAC address to IP Multicast [7:10]

[Thompson, Robert D]

MSG Re-posted

 -Original Message-
 From: Thompson, Robert D 
 Sent: 12 December 2001 08:10
 To:   [EMAIL PROTECTED]
 Cc:   '[EMAIL PROTECTED]'
 Subject:  RE: CCNP Switching - Mapping MAC address to IP Multicast
 [7:10]
 
 HI Sergio,
 
 The best way I can explain this is in the following way
 
 
 Remember to convert the IP address given to binary. The reason for this is
 to convert binary to hex (you need to know how to convert binary to hex,
 thats the key here)
 
 Example (first convert to binary)
 
 147.184.9.9  = 10010011.10111000.1001.1001
 
 now convert to Hex, but only the 23 bits (on of the rules) , starting from
 the right, and forget the rest (as you need to pre-pend 01 00 5E to your
 answer, also an IANA rule...)
 
 10010011.10111000.1001.1001
 
   Do Not 
 Convert   Convert
 
 = in binary
 
 0111000.1001.10001
 
 now convert to hex
 
 = in hex using 8421 code to get hex (break binary groups up into groups of
 4, then convert to hex)
 
 = 0111000 = 38 in hex 
 =1001 = 09 in hex (or 9)   0111000.1001.1001
 =1001 = 09 in hex (or 9)  
 = 38.09.09
 
 = with pre-pend of 01.00.5E
 =01.00.5E.38.09.09 (this answer is your hex answer for ip address
 147.184.9.9 mapped to multicast mac address)
 
 
 
 This is in your notes on CCNP switching(below is a snip taken from
 cisco web site)
 
 
 Ethernet MAC Address Mapping
 The IANA owns a block of Ethernet MAC addresses that start with 01:00:5E
 in hexadecimal format. Half of this block is allocated for multicast
 addresses. The range from 0100.5e00. through 0100.5e7f. is the
 available range of Ethernet MAC addresses for IP multicast.
 This allocation allows for 23 bits in the Ethernet address to correspond
 to the IP multicast group address. The mapping places the lower 23 bits of
 the IP multicast group address into these available 23 bits in the
 Ethernet address.
  HTH
 
 Regards
 
 Rob
 
 NA, NP
 
 -Original Message-
 From: Sergio [SMTP:[EMAIL PROTECTED]]
 Sent: 11 December 2001 20:33
 To:   [EMAIL PROTECTED]
 Subject:  CCNP Switching - Mapping MAC address to IP Multicast [7:10]
 
 Hi all. This is my first message here. Greetings from Spain ;)
 
 Now, i have a question for you. I'm preparing my CCNP Switching exam, and
 now
 im reading about IP Multicast.
 
 The book says that IANA reserved some MAC address for using with IP
 Multicast.
 The book also says that MAC addresses must be mapped to IP Multicast
 address,
 and it explains how to map them. But i cant understand it. I dont
 understand
 how to map MAC address to IP Multicast addresses.
 
 Can u help me?
 
 Thanks in advice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29038t=10
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT - How to get MAC address of remote device when I have the IP [7:28408]

[Provost, Robert]

Sorry for the off topic post. 

Does anyone know how I can determine the MAC address of a remote device when
I do have the IP?  I ping it but my arp cache only shows the local
addresses.

Any help would be appreciated.

Thanks.

Robert Provost
Data Communications Engineer
Genesis Health Ventures
Phone: 610-925-1147




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28408t=28408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]