THE SCHOOL OF CISCO NETWORKING (SCN): MAC ADDRESS (MEDIA ACCESS CONTROL ADDRESS) LEARNING - FILTERING AND FORWARDING:
Welcome To The IT Knowledge Base Sharing Freeway "Study With The Zero Fees / Zero Money" Web. We Believe That If We Have Knowledge, We Should Let Others Light Their Candles With It. Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Ones. "Student Expectations And Satisfaction Are Always Our Highest Priority."

'Love All, Serve All, Help Ever Hurt Never'

Welcome To The "Zero Fees And Zero Money SCN Community Study Page"

We Like To Share Our Stuff With Everyone And Hope You Will Find Something Useful Here. Enjoy Our Collection And Come Back Again And Again; We'll Do Our Best To Make It Always Interesting For You. All Our Stuff Is Always Available 100% Free. Use Only For Non-Commercial Purposes!

THE SCHOOL OF CISCO NETWORKING (SCN) Is An IT Support Community-Based, Non-Profit Volunteer Organization, Offering Our Assistance And Support Through Services Dedicated To All.

A Large Section Of The Students In This World, Especially In Villages, Are Underprivileged And Are Expecting Equal Opportunity In Terms Of Money And Education. We Feel The Sufferings Of Talented Students Who Lose Their Opportunity To Shine Because Of Their Poor Financial Status. So We Thought That Professional Education Should Be Provided To Them Freely.

Our Web Site Aims To Give An Easy Way To Understand To Each And Every Student Who Is Going To Start CISCO Lab Practice Without Any Doubts, And Our ARTICLES Are Always 100% Totally Free For Everyone; They Belong To THE SCHOOL OF CISCO NETWORKING (SCN).

Also, This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Their Demonstrated Ability To Achieve Specific Objectives Within Set Timeframes.

Hands-On Experience Is An Invaluable Part Of Preparing For The Lab Exam, So Never Pass Up An Opportunity To Configure Or Troubleshoot A Router (If You Have Access To Lab Facilities, Take Full Advantage Of Them). There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network.

For A Better View Of Our Web Page, Please Use Any Latest Web Browser, Such As Mozilla Firefox, Google Chrome, Opera, Safari, Internet Explorer, Torch, Maxthon, Sea Monkey, Avant Browser, Deepnet Explorer, Etc., Because Some Elements Or Scripts Do Not Work In Old Web Browsers (The Page Might Not Be Displayed Properly). Thank You For Your Time And Best Of Luck!

Yours Sincerely – Premakumar Thevathasan.
"Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Ones. Thank You."

MAC ADDRESS (MEDIA ACCESS CONTROL ADDRESS) LEARNING - FILTERING AND FORWARDING:

FIRST UNDERSTAND ABOUT MAC ADDRESS


A MEDIA ACCESS CONTROL ADDRESS (MAC Address) Is A Unique Identifier Assigned To Network Interfaces For Communications On The Physical Network Segment. MAC Addresses Are Used As A Network Address For Most IEEE 802 Network Technologies, Including Ethernet. Logically, MAC Addresses Are Used In The Media Access Control Protocol Sublayer Of The OSI Reference Model.

MAC Addresses Are Most Often Assigned By The Manufacturer Of A Network Interface Controller (NIC) And Are Stored In Its Hardware, Such As The Card's Read-Only Memory Or Some Other Firmware Mechanism. If Assigned By The Manufacturer, A MAC Address Usually Encodes The Manufacturer's Registered Identification Number And May Be Referred To As The Burned-In Address (BIA). It May Also Be Known As An Ethernet Hardware Address (EHA), Hardware Address Or Physical Address. This Can Be Contrasted To A Programmed Address, Where The Host Device Issues Commands To The NIC To Use An Arbitrary Address.

A Network Node May Have Multiple NICs And Each NIC Must Have A Unique MAC Address. MAC Addresses Are Formed According To The Rules Of One Of Three Numbering Name Spaces Managed By The Institute Of Electrical And Electronics Engineers (IEEE): MAC-48, EUI-48, And EUI-64. The IEEE Claims Trademarks On The Names EUI-48 And EUI-64, In Which EUI Is An Abbreviation For Extended Unique Identifier.

The Standard (IEEE 802) Format For Printing MAC-48 Addresses In Human-Friendly Form Is Six Groups Of Two Hexadecimal Digits, Separated By Hyphens (-) Or Colons (:), In Transmission Order (e.g. 01-23-45-67-89-ab Or 01:23:45:67:89:ab). This Form Is Also Commonly Used For EUI-64.


MAC ADDRESS LEARNING


Switches Use ADDRESS RESOLUTION PROTOCOL (ARP) To Learn The MAC Addresses Of Devices On The Network. The Switch Sends An ARP Request That Contains The IP Address Of A Device, And Receives The MAC Address For That Device In An ARP Reply. The Switch Features A MAC Address Table That Is Capable Of Holding 8K Entries. Each Entry Is Used To Store The Address Information Of A Network Node, Including Its MAC Address, Port ID, Etc. This Information Is Critical For Packet Filtering And Forwarding. When A Packet Comes In From Any Port, The Switch Will Learn The Source Address, Port ID, And Other Related Information Into The Address Table. Thus, The Content Of The MAC Address Table Updates Dynamically. (These Dynamically Learned Entries Are Stored In The ARP Cache. You Can Also Manually Configure MAC Addresses, Which Are Called Static Entries.)

In MAC ADDRESS LEARNING, The Source MAC Address Of Each Received Packet Is Stored So That Future Packets Destined For That Address Can Be Forwarded Only To The Interface Where That Address Is Located. MAC Address Learning, Defined In The IEEE 802.1 Standard, Helps Minimize Traffic On The Attached LANs. Learning Is The Process Of Obtaining The MAC Addresses Of Connected Devices. When A Frame Arrives At A Port Of A Switch, The Switch Reads The Source MAC Address From The Ethernet Frame And Compares It To Its MAC Address Table (Also Known As The CAM (Content Addressable Memory) Table). If The Switch Cannot Find A Corresponding Entry In The MAC Address Table, The Switch Will Add The Address To The Table Along With The Number Of The Port On Which The Frame Arrived.

If The MAC Address Is Already Present In The MAC Address Table, The Switch Compares The Incoming Port With The Port Recorded In The MAC Table. If The Port Numbers Are Different, The Switch Updates The Entry With The New Port Number. This Will Normally Happen When A Network Administrator Removes The Cable From One Port And Attaches It To Another Port.

Whenever The Switch Updates An Entry In The MAC Address Table, The Switch Resets The Timer For That Entry. Timers Are Used In The Aging Process For Old Entries. Aging Helps To Remove Old Entries And Free Memory In The MAC Address Table So That New Entries Can Be Added.


FILTERING AND FORWARDING


MAC ADDRESS FILTERING AND FORWARDING: Forwarding Is The Process Of Passing Network Traffic From A Device Connected To One Port Of A Network Switch To Another Device Connected To Another Port On The Switch. When A Packet Comes In From A Particular Port On The Switch, The Destination Address Is Checked Against The Entries Built Up By Source Address Learning. The Switch Will Look Up The Destination Address In The Address Table. If It Is Not Found, The Packet Will Be Forwarded To All Other Ports Except The Port From Which The Packet Came In. If It Is Found, And The Destination Address Is Located At A Different Port Than The One From Which The Packet Came In, The Packet Will Be Forwarded To The Port Where The Destination Address Is Located, Based On The Information In The Address Table. But If The Destination Address Is Located At The Same Port As The One From Which The Packet Came In, Then The Packet Will Be Filtered.

FOR EXAMPLE: The Switch Gets The First Packet Of Data From NODE A. It Reads The MAC Address And Saves It To The Lookup Table For Segment A. The Switch Now Knows Where To Find Node A Anytime A Packet Is Addressed To It. This Process Is Called LEARNING.

NODE B Gets The Packet And Sends A Packet Back To Node A In Acknowledgement. The Packet From Node B Arrives At The Switch. Now The Switch Can Add The MAC Address Of Node B To The Lookup Table For Segment C. Since The Switch Already Knows The Address Of Node A, It Sends The Packet Directly To It. Because Node A Is On A Different Segment Than Node B, The Switch Must Connect The Two Segments To Send The Packet. This Is Known As FORWARDING.

The Next Packet From Node A To Node B Arrives At The Switch. The Switch Now Has The Address Of Node B, Too, So It Forwards The Packet Directly To Node B.

Node C Sends Information To The Switch For Node A. The Switch Looks At The MAC Address For Node C And Adds It To The Lookup Table For Segment A. The Switch Already Has The Address For Node A And Determines That Both Nodes Are On The Same Segment, So It Does Not Need To Connect Segment A To Another Segment For The Data To Travel From Node C To Node A. Therefore, The Switch Will Ignore Packets Traveling Between Nodes On The Same Segment. This Is FILTERING.

LEARNING AND FLOODING Continue As The Switch Adds Nodes To The Lookup Tables. Most Switches Have Plenty Of Memory For Maintaining The Lookup Tables; But To Optimize The Use Of This Memory, They Still Remove Older Information So That The Switch Doesn't Waste Time Searching Through Stale Addresses. To Do This, Switches Use A Technique Called Aging. Basically, When An Entry Is Added To The Lookup Table For A Node, It Is Given A Timestamp. Each Time A Packet Is Received From That Node, The Timestamp Is Updated. The Switch Has A User-Configurable Timer That Erases The Entry After A Certain Amount Of Time With No Activity From That Node. This Frees Up Valuable Memory Resources For Other Entries. As You Can See, Transparent Bridging Is A Great And Essentially Maintenance-Free Way To Add And Manage All The Information A Switch Needs To Do Its Job!
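The learning, forwarding, filtering, flooding and aging behaviour described in the two sections above, replayed as a small Python model. This is an added example, not code from the article or from Cisco; the MAC addresses, port numbers and timestamps are constructed, with Node A and Node C on port 1 (segment A) and Node B on port 3 (segment C) as in the story.

```python
from dataclasses import dataclass, field

@dataclass
class LearningSwitch:
    aging_secs: int = 300                      # user-configurable aging timer
    table: dict = field(default_factory=dict)  # MAC -> (port, last-seen time)

    def age_out(self, now):
        """Aging: drop entries that have seen no traffic for aging_secs."""
        stale = [m for m, (_, seen) in self.table.items()
                 if now - seen >= self.aging_secs]
        for m in stale:
            del self.table[m]

    def receive(self, in_port, src, dst, now, ports):
        """Handle one frame and return the list of egress ports.

        LEARNING: the source MAC is recorded (or moved) on the ingress
        port and its timer reset.  FORWARDING: a known destination on
        another port is sent only there.  FILTERING: a destination on the
        ingress port is dropped.  FLOODING: an unknown destination goes
        out every port except the one it came in on.
        """
        self.age_out(now)
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if entry is None:
            return [p for p in ports if p != in_port]   # flood
        out_port, _ = entry
        if out_port == in_port:
            return []                                     # filter
        return [out_port]                                 # forward

def run_scenario():
    """Replay the Node A / B / C sequence from the text (constructed MACs)."""
    sw = LearningSwitch(aging_secs=300)
    ports = [1, 2, 3]                 # port 1 = segment A, port 3 = segment C
    a, b, c = "0000.0000.000a", "0000.0000.000b", "0000.0000.000c"
    steps = [
        (1, a, b, 0),    # A -> B: B unknown, flood to ports 2 and 3
        (3, b, a, 1),    # B -> A: A known on port 1, forward
        (1, a, b, 2),    # A -> B: B now known on port 3, forward
        (1, c, a, 3),    # C -> A: both on port 1, filter
        (2, b, a, 400),  # after aging: A forgotten, flood; B relearned on port 2
    ]
    results = [sw.receive(p, s, d, now=t, ports=ports) for p, s, d, t in steps]
    return results, dict(sw.table)
```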


FIND OUT WHICH MAC ADDRESS


ON A CISCO ROUTER, YOU CAN FIND OUT WHICH MAC ADDRESSES YOUR INTERFACES USE WITH THE show interfaces COMMAND.

HERE'S AN EXAMPLE:

Router_1# show interfaces
Ethernet0/0 is up, line protocol is up
  Hardware is AmdP2, address is 0003.e39b.9220 (bia 0003.e39b.9220)
  Internet address is 1.1.1.1/8

On The Second Line Of Each Interface, You'll See The Hardware Address Line With The BIA (Burned-In Address). Here The Hardware Address Is 0003.e39b.9220.

MAC ADDRESS LEARNING SHOW COMMANDS:

Each Ethernet Interface On A Cisco Router/Switch Has Its Own Ethernet MAC Address. To Display The MAC Address Table, Use The show mac-address-table Command. HERE'S AN EXAMPLE:

Switch# show mac-address-table


MAC SPOOFING


CHANGE MY MAC ADDRESS:

Changing Your MAC Address From The Default Is What We Call MAC Spoofing. To Change The MAC Address On A Cisco Router, Use The mac-address Command While In Interface Configuration Mode.

Router_1# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router_1(config)# int e0/0
Router_1(config-if)# mac-address 0000.0000.0001
Router_1(config-if)# ^Z
Router_1#

TO FIND NEW MAC ADDRESS:

Router_1# show int e0/0
Ethernet0/0 is up, line protocol is up
  Hardware is AmdP2, address is 0000.0000.0001 (bia 0003.e39b.9220)
  Internet address is 1.1.1.1/8

NOTE: After Changing The MAC Address, You Can View The New One Using The show interface Command; The BIA Shown In Parentheses Is Unchanged.


MAC ACL CONFIGURATION


MAC ACL CONFIGURATION EXAMPLE:

A MAC ACL, Also Known As An Ethernet ACL, Can Filter Non-IP Traffic On A VLAN And On A Physical Layer 2 Interface By Using MAC Addresses In A Named MAC Extended ACL. The Steps To Configure A MAC ACL Are Similar To Those For Extended Named ACLs. MAC ACLs Support Only Inbound Traffic Filtering.

To Define The MAC Extended ACL, Use The mac access-list extended Command. Several Non-IP Protocols Are Supported.

After The MAC ACL Is Created, It Can Be Applied To A Layer 2 Interface Using The mac access-group [acl-name] in Command To Filter Non-IP Traffic Received On The Interface.

The Following Example Shows How To Define And Apply A MAC ACL To Drop All (Non-IP) AppleTalk Address Resolution Protocol (AARP) Packets, Allowing All Other Types Of Traffic.

Switch(config)# mac access-list extended my-mac-acl
Switch(config-ext-macl)# deny any any aarp
Switch(config-ext-macl)# permit any any
Switch(config-ext-macl)# exit

Switch(config)# interface fastethernet0/10
Switch(config-if)# mac access-group my-mac-acl in
Switch(config-if)# end
Switch#


MAC ACCESS-LIST (FILTER TRAFFIC BASED ON MAC ADDRESS)


FILTER TRAFFIC BASED ON MAC ADDRESS:

Let's Say That, Through A Protocol Analyzer, You Find A Device Sending Unwanted Traffic On Your Network. It Looks Like This Device Is Multi-Homed—That Is, It's Sending Traffic From Multiple IP Addresses.

You Could Find The Switch Port It's On Using The show mac-address-table Command And Perform A Shutdown On The Port. But What If It Connects To A Hub With Other Devices, Or Comes From Some Network Not Under Your Control?

TO FILTER THE TRAFFIC ON THE ROUTER OR SWITCH USING A MAC ADDRESS FILTER:

Cat3750Switch(config)# mac access-list ext filtermac
Cat3750Switch(config-ext-macl)# deny host 0000.0000.0001 any
Cat3750Switch(config-ext-macl)# permit any any
Cat3750Switch(config-ext-macl)# exit

Apply MAC ACL:

Cat3750Switch(config)# int g1/0/40
Cat3750Switch(config-if)# mac access-group filtermac in


PROTOCOL-INDEPENDENT MAC ACL FILTERING


CONFIGURATION EXAMPLE FOR PROTOCOL-INDEPENDENT MAC ACL FILTERING:

The Following Example Shows How To Configure A MAC ACL To Receive Inbound Traffic From Three Customer Devices On A VLAN Subinterface On A 4-Port Gigabit Ethernet ISE Line Card And Deny Traffic From All Other Devices:

MAC ACL CONFIGURATION:

Router> enable
Router# configure terminal
Router(config)# access-list 700 permit 0003.fd1b.8700
Router(config)# access-list 700 permit 0003.fd1b.8701
Router(config)# access-list 700 permit 0003.fd1b.8702
Router(config)# access-list 700 deny any

APPLY MAC ACL TO GIGABIT ETHERNET VLAN SUBINTERFACE:

Router(config)# interface gigabitethernet 6/0.1
Router(config-subif)# mac access-group 700 in
Router(config-subif)# end


PACKETS THAT DO NOT MATCH THE SOURCE MAC ADDRESSES IN THESE ACCESS LIST STATEMENTS ARE REJECTED


PACKETS THAT DO NOT MATCH THE SOURCE MAC ADDRESSES IN THESE ACCESS LIST STATEMENTS ARE REJECTED:

The Following Example Of A MAC ACL Allows Access For Packets Received From Three Customer Devices. Packets Transmitted From Any Other Source Address That Does Not Match The Source MAC Addresses In These Access List Statements Are Rejected.

Router> enable
Router# configure terminal
Router(config)# access-list 1 permit 00aa.00aa.00aa
Router(config)# access-list 1 permit 00bb.00bb.00bb
Router(config)# access-list 1 permit 00cc.00cc.00cc
! (Note: all other access is implicitly denied)


ALLOWS ACCESS FOR TRAFFIC FROM ALL DEVICES EXCEPT THE SOURCE MAC ADDRESS


THE FOLLOWING EXAMPLE OF A MAC ACL ALLOWS ACCESS FOR TRAFFIC FROM ALL DEVICES EXCEPT THE SOURCE MAC ADDRESS 00dd.00dd.00dd:

Router> enable
Router# configure terminal

Router(config)# access-list 1 permit 00aa.00aa.00aa
Router(config)# access-list 1 permit 00bb.00bb.00bb
Router(config)# access-list 1 permit 00cc.00cc.00cc
Router(config)# access-list 1 deny 00dd.00dd.00dd
Router(config)# access-list 1 permit any

TO DELETE THE MAC ACL ENTRY THAT REJECTS PACKETS FROM THE SOURCE MAC ADDRESS 00dd.00dd.00dd, ENTER THE FOLLOWING COMMAND:

Router(config)# no access-list 1 deny 00dd.00dd.00dd
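To make the matching rules behind all of the MAC ACL examples above concrete (first match wins, `host` versus `any`, the protocol keyword in the extended ACL, and the implicit deny that ends every list), here is an added Python model of ACL evaluation. It is not the article's or Cisco's code; the frames are constructed, and `ethertype` is simply the protocol keyword an ACE can name (e.g. "aarp").

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    ethertype: str  # protocol keyword an ACE can match, e.g. "aarp" or "ip"

@dataclass(frozen=True)
class Ace:
    """One access-control entry; a None field means 'any'."""
    action: str                    # "permit" or "deny"
    src: Optional[str] = None      # "host <mac>" in the CLI
    dst: Optional[str] = None
    ethertype: Optional[str] = None

def normalise(mac: str) -> str:
    """Compare MACs as 12 hex digits, whatever separators or case were typed."""
    return mac.replace(".", "").replace(":", "").replace("-", "").lower()

def evaluate(acl: List[Ace], frame: Frame) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching ACE); (deny, None) is the implicit deny."""
    for i, ace in enumerate(acl):
        if ace.src is not None and normalise(ace.src) != normalise(frame.src):
            continue
        if ace.dst is not None and normalise(ace.dst) != normalise(frame.dst):
            continue
        if ace.ethertype is not None and ace.ethertype != frame.ethertype:
            continue
        return ace.action, i          # first match wins; later entries are not consulted
    return "deny", None               # every list ends with an implicit deny

# "mac access-list extended my-mac-acl": deny any any aarp / permit any any
MY_MAC_ACL = [Ace("deny", ethertype="aarp"), Ace("permit")]
# "mac access-list ext filtermac": deny host 0000.0000.0001 any / permit any any
FILTERMAC = [Ace("deny", src="0000.0000.0001"), Ace("permit")]
# "access-list 700": permit three customer MACs, then an explicit deny any
ACL_700 = [Ace("permit", src=m) for m in
           ("0003.fd1b.8700", "0003.fd1b.8701", "0003.fd1b.8702")] + [Ace("deny")]
# "access-list 1": three permits and nothing else, so it relies on the implicit deny
ACL_1 = [Ace("permit", src=m) for m in
         ("00aa.00aa.00aa", "00bb.00bb.00bb", "00cc.00cc.00cc")]

def demo():
    """Run constructed frames through each list and return the verdicts."""
    aarp_frame = Frame("0003.fd1b.8700", "ffff.ffff.ffff", "aarp")
    unwanted = Frame("0000.0000.0001", "0003.fd1b.8700", "ip")
    stranger = Frame("00dd.00dd.00dd", "00aa.00aa.00aa", "ip")
    return {
        "my-mac-acl/aarp": evaluate(MY_MAC_ACL, aarp_frame),
        "filtermac/unwanted-device": evaluate(FILTERMAC, unwanted),
        "acl700/unknown-customer": evaluate(ACL_700, stranger),
        "acl1/implicit-deny": evaluate(ACL_1, stranger),
    }
```

The last two verdicts differ only in how the deny is reached: access-list 700 hits its explicit `deny any` (index 3), while access-list 1 falls off the end of the list and is denied implicitly (index None).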



CONCLUSION:

The Goal Of This Article Is To Give An Easy Way To Understand "MAC ADDRESS (MEDIA ACCESS CONTROL ADDRESS) LEARNING, FILTERING AND FORWARDING", And We Also Hope This Guide Will Help Every Beginner Who Is Going To Start Cisco Lab Practice Without Any Doubts. Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here!

Thank You And Best Of Luck!

This Article Was Written By: Mr. Premakumar Thevathasan - CCNA And CCNP (Routing & Switching), MCSE, MCSA, MCSA - MSG, CIW Security Analyst, CompTIA Certified A+, Etc.

WARNING AND DISCLAIMER:

Routers Direct And Control Much Of The Data Flowing Across Computer Networks. This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Their Demonstrated Ability To Achieve Specific Objectives Within Set Timeframes.

This Document Carries No Explicit Or Implied Warranty. Nor Is There Any Guarantee That The Information Contained In This Document Is Accurate. Every Effort Has Been Made To Make All Articles As Complete And As Accurate As Possible, But No Warranty Or Fitness Is Implied.

It Is Offered In The Hope Of Helping Others, But You Use It At Your Own Risk. The Author Will Not Be Liable For Any Special, Incidental, Consequential Or Indirect Damages Due To Loss Of Data Or Any Other Reason That Occur As A Result Of Using This Document. The Information Is Provided On An "As Is" Basis. All Use Is Completely At Your Own Risk.
