Proceeding from Example of the address table, press S (for S earch), to display the following prompt. Enter MAC address: Enter the MAC address you want to locate and press Enter. The address and port number are highlighted if found (Example of menu indicating located MAC address.)If the switch does not find the MAC address on the currently selected VLAN, it leaves the MAC address. QFabric System,QFX Series,EX4600,NFX Series,EX Series,EX Series,MX Series,QFX Series,SRX Series. Displays the Ethernet switching table. I have seen cases where there were different customers using the same MAC address, on different VLANs; this was visible in 'show mac address-table' on a single PowerConnect 5324, and it seemed to be working fine. This is with all ports as Access Mode or Trunk Mode.
Normally your switch will automatically learn MAC addresses and fill its MAC address table (CAM table) by looking at the source MAC address of incoming frames and flooding frames if it doesn't know where to forward the frame.
This process is vulnerable to layer 2 MAC address spoofing attacks where an attacker spoofs a certain MAC address to change entries in the MAC address table. A really simple method to deal with this issue is to manually configure entries in the MAC address table, a static entry will always overrule dynamic entries. You can either specify the interface where the MAC address is located or tell the switch to drop the traffic.
Let's look at an example!
To demonstrate this we only require two devices. A router to generate some traffic and a switch to look at (and configure) the MAC address table. Here's the configuration:
We'll do a quick ping to generate some traffic so SW1 can learn about the mac address of R1's FastEthernet 0/0 interface:
Let's take a look at the MAC address table:
Here's the MAC address of R1, learned dynamically. Let's turn this into a static entry:
Use the mac address-table static command to create a static entry. Here's what the MAC address table looks like now:
There it is, a static entry. No way to overrule this unless you have access to our switch. This prevents us from moving R1 to another interface on SW1 unless we change the static entry. Like I mentioned before we can also change a static entry so it will drop all traffic. Here's how to do it:
Home > Articles > Cisco > CCNA Routing and Switching
␡- Overview
Like this article? We recommend
Like this article? We recommend
Cisco Show Mac Table
Overview
Let's take a look at the MAC address table:
Here's the MAC address of R1, learned dynamically. Let's turn this into a static entry:
Use the mac address-table static command to create a static entry. Here's what the MAC address table looks like now:
There it is, a static entry. No way to overrule this unless you have access to our switch. This prevents us from moving R1 to another interface on SW1 unless we change the static entry. Like I mentioned before we can also change a static entry so it will drop all traffic. Here's how to do it:
Home > Articles > Cisco > CCNA Routing and Switching
␡- Overview
Like this article? We recommend
Like this article? We recommend
Cisco Show Mac Table
Overview
A number of different information types, terms, and names for data are thrown at all new networking students. Two of these information sources are vital to basic networking: Media Access Control (MAC) tables and Address Resolution Protocol (ARP) tables. Without at least a basic understanding of how these tables are used, it is hard to comprehend how information passes through a network. This article takes a look at each of these information sources, how they are used in the transmission of network traffic, and how they work together to move data from point A to point B.
Related Resources
- Book $55.99
- Book $55.99
Mac Address Table Static
- Premium Edition eBook $55.99
