If using L2 bridging for AP vlan's, it should NOT rewrite the L2 source
mac - that only occurs at L3 boundaries, or if the ap is doing
lwapp/capwap tunneling on controller-based networks. They just act like
yet another switch in path, fowarding mac addresses as it builds a
table, not rewriting them.
As per the dupe mac issue, it is MUCH worse to duplicate mac addresses,
as this causes a condition known as "unicast-broadcast flooding". I've
seen data centers crushed because windoze admin's loved using
microsoft's network load-balancing (nlb) services, that go figure, just
duplicated mac addresses on all cluster members to make them all receive
the request (they'd arbitrate on the back-end with an out of band
connection which should answer).
Why is this bad?
When a switch sees mac addy's learned on multiple ports, it FLOODS the
frames out ALL interfaces in a given vlan, forwarding as a broadcast
now, as does all other switches receiving it, and all hosts have to
accept the packet at least into buffer before dropping it as an unknown
mac destination (ie. not the host receiving it). Imagine what happens
when that IP address happens to take a multi-gigabit DDoS attack...
Data centers go poof, thanks Microsoft (and admins that don't understand
networking).
Funny enough, Microsoft says the solution is to put your cluster on a
HUB (yes, not a switch).
Cisco said not to use Microsoft Clustering NLB services, thus the
load-balancer market was born, now making network guys figure out
applications (or applications people learning networking).
-mb
On 07/07/2014 05:34 AM,
kitepilot@kitepilot.com wrote:
> When you have a chain of wireless IP/bridges, and you don't enable the
> WDS feature (implemented
>> a company called Silex. Could be any number of devices. They seem to
>> make a wide range of interesting products.
>> http://www.silexamerica.com
>> I just used a MAC address search tool online.
>> The first one that came up for me was http://www.coffer.com .
>> The first part of a Mac hardware address is the manufacturer. The
>> remainder is a unique serial number/identifier. The two together
>> (are supposed) make a globally unique hardware address to prevent any
>> possible addressing conflicts.
>> Some, er, less conscientious manufacturers aren't diligent about
>> ensuring truly unique mac addresses. It is easier and cheaper to
>> make half a million exact copies than the added cost and complexity
>> of incrementing the MAC address.
>> MAC address cloning can cause issues also if we are not careful.
>> Hopefully that will help a bit in tracking what has connected to your
>> network.
>> Let us know here on the list if you have any other questions or if we
>> can elaborate.
>> Have a great night!
>> Ed K.
>> Plug lurker
>>> On Jul 6, 2014, at 11:33 PM, joe@actionline.com wrote:
>>> How can I identify the unknown devices (????? below)
>>> on my local network?
>>> Source IP: Devices: Mac addr:
>>> 192.168.0.1 Motorola 00:24:37:85:73:f0 REPLACED
>>> 192.168.0.2 X5003191 2c:44:fd:67:34:ab Ethernet 3
>>> 192.168.0.3 Unknown ?? 88:87:17:c0:a4:45 ?????
>>> 192.168.0.4 Galaxy phn 0c-71-5d-29-dc-ff
>>> 192.168.0.5 Tivo 84600 00:11:d9:55:72:ca
>>> 192.168.0.6 Xoom tab 98-4b-4a-c0-6f-3a
>>> 192.168.0.7 Chromecast d0:e7:82:c4:5c:ac
>>> 192.168.0.8 ?????????? 00:19:9d:56:50:2e ?????
>>> 192.168.0.9 Nexus7 tab ac:22:0b:44:da:95
>>> 192.168.0.10 HP laptop e0:06:e6:a2:93:a5
>>> 192.168.0.91 Lenovo 70:71:bc:3e:00:ed
>>> 192.168.0.64 T43 laptop 00:12:f0:34:5c:33
>>> 192.168.0.104 BRW008092CAC78E - 00:80:92:ca:c7:8e ?????
>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)