mac address issue with charter modem

matt werner · ‎12-28-2013

i have a cisco 3500 xl series switch i think 3548 to be exact.im trying to do some network troubleshoting with packet captureing. basicly i have setup 2 vlans. vlan1 is private network and vlan2 is for mode

vlan 1 = fa0/1-45

vlan 2 = fa0/46-48

my issue is with vlan 2. i have span setup on port 46, i have charter cable modem connected to port 47 and a router connected to port 48. the router is directly conencted to a windows server machine. my isp only gives me 1 ip address. the problem is that the modem is seeing the mac address of the switch and when it issues its dhcp its handed to to mac of the switch therefor i cannot get an ip from the modem to the router on port 48. i tihnk basicly the modem is detecting the mac of the switch and reserves the address for that mac so the router cannot get an address. all of the routers are ddwrt.

John Blakley · ‎12-29-2013

Matt,

Is this the way that it's currently connected:

Charter ---- 3548 ----- router on port 48 ----- server?

With cable services, they bind the ip address that they hand out to the first mac address that responds. If the setup is the way it is above, I'm not sure the reasoning for setting it up this way. Personally, I would connect it like:

charter --- router --- 3548 --- server

If that's the way it is connected and I completely got it wrong the first time, you can call Charter and have them clear the learned mac address from their table. Disconnect all equipment from the router and reboot it. When it comes up and pulls the address, they should bind the address to your router instead of the 3548. I'm not familiar with dd-wrt, so I'm not sure if you can route vlans with it.

Note: After writing this, I realized that the 3548 is a L2 switch, so your vlans will be L2 and will need something to route for them.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

matt werner · ‎12-29-2013

Hi john thankyou for the fast reply, you are correct about

Charter ---- 3548 ----- router on port 48 ------ server

and you are right about thte cable modem learning the mac of the switch, but the modem will relearn the mac apon restart.

John Blakley · ‎12-29-2013

There's not a way that I'm aware of to make the modem ignore the mac of the switch. Is your router on vlan 1? If it is, or can be, then techically it should be the mac address that the cable modem sees. Now, when you make the change, you'll need to disconnect your lan cable from the cable modem so it can time out on their end.

What I would try is this:

Charter ---- 3560 on vlan 1 ---- router on vlan 1 with vlan 2 subinterface ---- server.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

matt werner · ‎12-29-2013

thanks again john,

i'm not sure that i uderstad "Is your router on vlan 1? If it is, or can be, then techically it should be the mac address that the cable modem sees" . basicly i just wanted vlan2 to only be 3 ports, the router, modem, span. so that i could mirror the packets to port 46 and have the modem on 47 and the router on port 48. so i am trying to figure out if it is possible to have port 48 pass its mac to port 47 instead of the switches mac. so you are saying this is not possible?

John Blakley · ‎12-29-2013

Can you post the config of the switch? I'm interested in the port the router connects to, the port the cable modem connects to, and the interfaces that you have configured on the switch for the vlans.

I'm not understanding why you don't connect the cable modem directly to the router and the router to the switch. You can still have your 2 vlans, but being that switch is L2 and doesn't support natting, you're going to have issues. Swap the equipment around and you'll be surprised at the result. The only issue that I see is if your dd-wrt supports vlans and can route between them.

I'm assuming, without seeing the config, the switch interface that the cable modem connects to is going to be the mac address that the cable modem will report since it has a mac address for each interface on the switch. There's no way that I'm aware of to change this behavior.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

matt werner · ‎12-30-2013

i

John Blakley · ‎12-30-2013

"if i connect the modem to the router and then to the switch wont it only show the internal address between the router and servers traffic. i need to be able to identify a specific public ip address on the span port with wireshark"

Yes, you'll have all internal addressing, but the cable modem will get the correct mac address of your router. You could try removing the ip address from vlan 1 and the svi for vlan 1 in order to be able to get it to a L2 switch. Then add that interface that connects to the charter modem to vlan 2. You're still going to need to either call Charter to have them clear out your address that they've learned, or you can disconnect and let it time out. In the end, I still think you're going to be in the same situation.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

matt werner · ‎12-18-2014

i

matt werner · ‎12-18-2014

i know this is an old thread but if anyone else is having a similar issue trying to use a Cisco switch specifically to mirrior the packets from the WAN side the solution was to disable the discovery protocol on the switch

switchport mode access
no keepalive
no cdp enable
spanning-tree portfast
spanning-tree bpdufilter enable

seems to shut up the switch from talking to the modem

Good Luck