Re: wierdness in my security report

From: Chris Knipe (savage@savage.za.org)
Date: 07/18/02


From: "Chris Knipe" <savage@savage.za.org>
To: "Dragan Mickovic" <dmickovic@verio.net>, "Z. Frazier" <zfrazier@u.washington.edu>
Date: Thu, 18 Jul 2002 23:30:21 +0200

Just FYI...

> therefore the MAC address will change. I don't know how they have it configured,
> but if the primary comes back to normal operation and has a higher priority
> than the secondary switch the RP will go back to using the primary switch
> and therefore will change the MAC address again.

The primary router has a priority lower than the secondaries (lowest
available priority gets the virtual IP).

<From Cisco>
Routers running HSRP communicate HSRP information between each other, via
HSRP hello packets. These packets are sent to the destination IP multicast
address 224.0.0.2 (reserved multicast address used to communicate to all
routers) on User Datagram Protocol (UDP) port 1985. These hello packets are
sourced with the configured IP address on the interface and the burned-in
MAC address of the interface, as opposed to the HSRP or virtual IP and MAC
address. This use of source addressing is necessary so that HSRP routers can
correctly identify each other.

The only exception to the above behavior is for Cisco 2500, 4000, and 4500
routers. These routers have Ethernet hardware that only recognizes a single
MAC address. Therefore, these routers will use the HSRP MAC address when
they are the active router, and their burned-in address for HSRP hello
packets.
</SNIP>

http://www.cisco.com/warp/public/473/62.shtml might be helpful. It
explains how to understand and troubleshoot HSRP, and also gives a complete
detailed explanation of how HSRP actually works (in much more depth than I
just did here)...

--
me
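
The addressing rules in the Cisco excerpt above can be checked against captured traffic. This is an added example, not part of the original message or of Cisco's document: it decodes HSRP hellos sent to 224.0.0.2 on UDP port 1985, flags any hello sourced with the group's virtual MAC instead of a burned-in address, and reports when the active router for a group changes. The HSRPv1 field layout, state codes and the 00:00:0c:07:ac virtual MAC prefix are taken from RFC 2281 (an assumption, they are not on this page); the function names and the sample packets are constructed.

```python
import struct

HSRP_DST = ("224.0.0.2", 1985)   # multicast group and UDP port from the Cisco text
VMAC_PREFIX = "00:00:0c:07:ac:"  # assumption: HSRPv1 virtual MAC prefix per RFC 2281
STATES = {0: "initial", 1: "learn", 2: "listen", 4: "speak", 8: "standby", 16: "active"}

def parse_hello(payload):
    """Decode the fixed 20-byte HSRPv1 message (field layout per RFC 2281)."""
    if len(payload) < 20:
        raise ValueError("HSRP payload shorter than 20 bytes")
    ver, op, state, _hello, _hold, prio, group, _rsv, _auth, vip = struct.unpack(
        "!8B8s4s", payload[:20])
    return {"version": ver, "opcode": op, "state": STATES.get(state, "unknown"),
            "priority": prio, "group": group, "vip": ".".join(str(b) for b in vip)}

def audit(packets):
    """packets: iterable of (src_mac, src_ip, dst_ip, dst_port, payload).
    Returns findings about source addressing and active-router changes."""
    findings, active = [], {}
    for src_mac, src_ip, dst_ip, dst_port, payload in packets:
        if (dst_ip, dst_port) != HSRP_DST:
            continue  # not HSRP traffic
        f = parse_hello(payload)
        if f["opcode"] != 0:
            continue  # only hellos (opcode 0) are audited here
        if src_mac.lower() == VMAC_PREFIX + "%02x" % f["group"]:
            findings.append("group %d: hello from %s sourced with the virtual MAC, "
                            "not a burned-in address" % (f["group"], src_ip))
        if f["state"] == "active":
            prev = active.get(f["group"])
            if prev and prev != src_ip:
                findings.append("group %d: active router changed %s -> %s"
                                % (f["group"], prev, src_ip))
            active[f["group"]] = src_ip
    return findings

def make_hello(state, prio, group, vip):
    # Build a constructed sample hello payload (opcode 0) for the capture below.
    return struct.pack("!8B8s4s", 0, 0, state, 3, 10, prio, group, 0,
                       b"cisco\0\0\0", bytes(int(x) for x in vip.split(".")))

# Constructed sample capture (documentation addresses, made-up MACs).
SAMPLE = [
    ("00:11:22:33:44:01", "192.0.2.2", "224.0.0.2", 1985, make_hello(16, 110, 1, "192.0.2.1")),
    ("00:11:22:33:44:02", "192.0.2.3", "224.0.0.2", 1985, make_hello(8, 100, 1, "192.0.2.1")),
    ("00:11:22:33:44:02", "192.0.2.3", "224.0.0.2", 1985, make_hello(16, 100, 1, "192.0.2.1")),
    ("00:00:0c:07:ac:01", "192.0.2.3", "224.0.0.2", 1985, make_hello(16, 100, 1, "192.0.2.1")),
]

print("\n".join(audit(SAMPLE)))
```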