RE: mac duplication

[<Glenn_Everhart () bankone com>]

MAC addresses need to be unique if your network uses ARP or something like
it to translate its network address to MAC on ethernet, or if it includes
MAC address. There exist networks that do not use ARP and require MAC
addresses to be adjusted to fit the network address scheme. 

Their existence (and the fact they preceded IP) is a reason why essentially
all ethernet interfaces can reset their MAC addresses programmatically.

As long as you aren't trying to just hub together all of a wide area net
(i.e., without switching...a trick that has been tried and works rather
badly) the potential duplication of MAC addresses is not a technical problem
when switches operate on higher level traffic protocols.



-----Original Message-----
From: fooler [mailto:fooler () skyinet net]
Sent: Sunday, December 14, 2003 4:17 AM
To: Jimi Thompson; vuln-dev () securityfocus com
Subject: Re: mac duplication
Importance: High


----- Original Message -----
From: "Jimi Thompson" <jimit () myrealbox com>
To: <vuln-dev () securityfocus com>
Sent: Sunday, December 14, 2003 8:33 AM
Subject: Re: mac duplication


> Dev,
>
> You seem to need some clarification about how Ethernet actually works.
> I'm going to try to toss out a 50,000 foot view.  Anyone can feel free
> to add to this or correct me.

hi jimi, i would like to add and correct some of your statement....

> Host names map to IP addresses via DNS.

correct

> IP address map to MAC addresses via router tables.

it is most appropriate to say ip addresses map to mac address via arp table

> Just as your IP
> address has to be unique in order to be routable, so does your MAC
> address.

every network device that is using ethernet has a mac address and should be
unique too.... unlike with ip address which is routable, mac address is
not....

> MAC addresses are purchased in blocks by the people who make
> network devices and blown on to what amount to EPROMS and attached to
> network cards, switch ports, etc.
>
> No two ethernet cards on the planet should have the same MAC address
> (emphasis on SHOULD because I've run into cards with duplicated MAC's
> and you won't believe the havoc this wreaks).  This is used as a
> physical layer address by things like ARP.

[...]


**********************************************************************
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under 
applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, 
distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If 
you received this transmission in error, please immediately contact the sender and destroy the material in its 
entirety, whether in electronic or hard copy format. Thank you
**********************************************************************