
Duplicated MACs on different VLANs on Same switched infra!


My network includes more than a hundred switches in a multiple-ring design.
When issuing: show iparp
I am finding rejected IP. I believe it doesn't have anything to do with the duplication...
But I wanna be sure that I have no duplicated MACs on my network, so...

- Do duplicated MACs on different VLANs on the same switched infra cause problems?
- How do I find duplicated MACs on different VLANs on the same switched infra?

Thanks
Yusuf

5 replies

Hi Yusuf, I think it will give you an ARP-poisoning-like problem, since the FDB maps each MAC to a port. Actually, I haven't tried that case. You should test it on a separate switch to make sure. Best regards,

Just one point: having the same MAC on many VLANs can be perfectly OK; the decision about "what MAC do I need to send this IP packet to" is a per-VLAN question, not a network one. For example, with some vendors (I know Check Point does this) you will see the same MAC for every VLAN for the same physical interface, for the Check Point gateway. Of course, if someone had connected one VLAN to another, like users sometimes do with edge points, that's not so good.

simon bingham wrote:

Just one point: having the same MAC on many VLANs can be perfectly OK; the decision about "what MAC do I need to send this IP packet to" is a per-VLAN question, not a network one. For example, with some vendors (I know Check Point does this) you will see the same MAC for every VLAN for the same physical interface, for the Check Point gateway. Of course, if someone had connected one VLAN to another, like users sometimes do with edge points, that's not so good.

The same MAC can be on multiple VLANs because a MAC is not routed off the VLAN; rather, the router builds a new packet with its MAC before transmitting on another VLAN. Some routers have the same MAC on multiple interfaces. NetSight's Compass could be used to find duplicate MACs.

simon bingham wrote:

Just one point: having the same MAC on many VLANs can be perfectly OK; the decision about "what MAC do I need to send this IP packet to" is a per-VLAN question, not a network one. For example, with some vendors (I know Check Point does this) you will see the same MAC for every VLAN for the same physical interface, for the Check Point gateway. Of course, if someone had connected one VLAN to another, like users sometimes do with edge points, that's not so good.

Interesting, I wonder how the FDB table will be shown in that case.

simon bingham wrote:

Just one point: having the same MAC on many VLANs can be perfectly OK; the decision about "what MAC do I need to send this IP packet to" is a per-VLAN question, not a network one. For example, with some vendors (I know Check Point does this) you will see the same MAC for every VLAN for the same physical interface, for the Check Point gateway. Of course, if someone had connected one VLAN to another, like users sometimes do with edge points, that's not so good.

The FDB is populated per VLAN, so you will see multiple entries for the MAC in each VLAN that it exists in.
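
Added example, not part of the thread or of any poster's reply: because the FDB holds one entry per MAC per VLAN, a saved FDB dump can be grouped by MAC to list addresses learned in more than one VLAN, separating the single-port case (one device present on several VLANs, as with the gateway mentioned above) from the multi-port case that deserves a closer look for VLANs bridged together. The "MAC VLAN port" line layout, the sample data and the function names are constructed assumptions; adapt the regex to your switch's actual output.

```python
import re
from collections import defaultdict

# Constructed sample FDB lines in a simplified "MAC  VLAN  port" layout.
# This is not real switch output; adapt LINE_RE to your platform's format.
SAMPLE_FDB = """\
00:11:22:33:44:55  users    1:5
00:11:22:33:44:55  voice    1:5
00:aa:bb:cc:dd:01  users    1:7
00:aa:bb:cc:dd:01  servers  2:3
00:de:ad:be:ef:10  servers  2:4
garbage line that should be skipped
00-11-22-33-44-55  mgmt     1:5
"""

LINE_RE = re.compile(
    r"^\s*((?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\s+(\S+)\s+(\S+)\s*$")

def normalize_mac(mac):
    """Lower-case and use ':' separators so notations compare equal."""
    return mac.lower().replace("-", ":")

def parse_fdb(text):
    """Yield (mac, vlan, port) tuples, ignoring lines that do not match."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield normalize_mac(m.group(1)), m.group(2), m.group(3)

def macs_on_multiple_vlans(entries):
    """Return {mac: {vlans, ports, kind}} for MACs learned in more than one VLAN."""
    seen = defaultdict(lambda: {"vlans": set(), "ports": set()})
    for mac, vlan, port in entries:
        seen[mac]["vlans"].add(vlan)
        seen[mac]["ports"].add(port)
    report = {}
    for mac, info in seen.items():
        if len(info["vlans"]) < 2:
            continue  # one FDB entry only: nothing to report
        # same-port: one attachment point tagged on several VLANs
        # multi-port: same MAC learned on different ports, check for bridged VLANs
        kind = "same-port" if len(info["ports"]) == 1 else "multi-port"
        report[mac] = {"vlans": sorted(info["vlans"]),
                       "ports": sorted(info["ports"]), "kind": kind}
    return report

if __name__ == "__main__":
    for mac, info in sorted(macs_on_multiple_vlans(parse_fdb(SAMPLE_FDB)).items()):
        print(mac, info["kind"], ",".join(info["vlans"]), ",".join(info["ports"]))
```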
