In general the Cisco IOS switches learn the MAC address of the connected devices dynamically by looking at the SRC MAC address of the frame incoming on any of its ports. This dynamic MAC learning is prone to spoofing attacks hence we can manually add Static MAC entries on the switch to overrule the dynamic MAC.We can define where the MAC is located or can make the switch drop the traffic.
Let us look at the simple topology below where a R1 generates some traffic towards the switch SW1.
We will do simple ping from R1 to SW1 and see the MAC table on SW1 as below:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.12.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/3/5 ms
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 aabb.cc00.0100 DYNAMIC Et0/0
Total Mac Addresses for this criterion: 1
We see in the above output that we have learnt the MAC address dynamically on E0/0 port of switch SW1.
Now let us change the entry to static as below and then check the CAM table again:
Now we see the entry has changed to Static now:
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 aabb.cc00.0100 STATIC Et0/0
Total Mac Addresses for this criterion: 1
ABOUT THE AUTHOR
You can learn more about her on her linkedin profile – Rashmi Bhardwaj
