Solved: NICs with the same MAC on one switch

Steve Zhou · ‎12-17-2012

Hi all,

Presuming that we connect 2 NICs with the same MAC to one switch (port1 and port2), what would a switch handle such condition? Will the MAC table be messed up?

Actually, in a cloud computing environment, different VMs from different customer might connect with the same virtual switch and both VM could have the same MAC and/or IP address.

I just wondering how could a switch handle this.

thank you!

cadet alain · ‎12-18-2012

Hi,

No having multiple MAC learned on one port is ok but the same MAC appearing on 2 physical ports in same VLAN will make the CAM table change the port-MAC mapping each time the MAC appears on a different port.

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

cadet alain · ‎12-17-2012

Hi,

a mac address can't be on 2 ports of the same vlan at the same time so the switch will continuously update its CAM table

when it receives a frame on a different port.

Regards.

Alain

Don't forget to rate helpful posts.

Steve Zhou · ‎12-18-2012

So it means that it is impossible for a physical port to point to two different MAC at ths same time, right?

cadet alain · ‎12-18-2012

Hi,

No having multiple MAC learned on one port is ok but the same MAC appearing on 2 physical ports in same VLAN will make the CAM table change the port-MAC mapping each time the MAC appears on a different port.

Regards.

Alain

Don't forget to rate helpful posts.

Steve Zhou · ‎12-18-2012

Oh...you are right. I see now.

Not sure if you have experience in a cloud environment, where two VMs from different customer might have the same MAC assigned and connecting to the same vswitch within the same hypervisor host. It would cause problem as you mentioned above. Do you know how does the clould service provide resolve this issue to meet network isolation requirements?

cadet alain · ‎12-18-2012

Hi,

I'm sorry I have no experience with such design.

Regards.

Alain

Don't forget to rate helpful posts.

Steve Zhou · ‎12-18-2012

Oh...that's fine, thanks a lot for your help with my initial questions.

Kyle McKay · ‎12-19-2012

Alain's answer is a good one..

It breaks the fundamentals of switching to have TWO separate physical ports registering the same MAC address in the CAM table. As he mentioned, the switch would have to constantly rewrite the CAM entry each time a frame appears from a different physical interface.

If the two identical MAC addresses appeared on the same physical port, that does not break any "rules" of switching - all you would see is 1 entry in the switch for that physical interface.

As for your follow-up question regarding the cloud environment. I can't say I have any experience in that type of environment, but I would say that Private VLANs might be one of the potential answers.

Steve Zhou · ‎12-19-2012

thank you for your complementary information, Kyle.

For PVLAN, you refer to Q-in-Q, right? I feel like I've heard about this be to used to isolate network. But I didn't get deep into this protocol so not very sure about this. Is it a OSI Layer 2 protocol?

cadet alain · ‎12-20-2012

Hi,

PVLANS and QinQ( aka Dot1q Tunneling) are 2 different technologies which serve different purposes.

Regards.

Alain

Don't forget to rate helpful posts.

Jeff Van Houten · ‎12-31-2012

I would have to refresh my reading, but I seem to remember that VMware has a process in their products that takes this type occurrence into account and will re-mac a vm if needed. I'm not sure about the other hyper visors.
Sent from Cisco Technical Support iPad App