nanog mailing list archives
LLDP Source MAC
From: Crist Clark <cjc+nanog () pumpky net>
Date: Tue, 8 Feb 2022 10:23:32 -0800
Came across some endpoint behavior that caused some confusion with a MAC authentication bypass (MAB) setup, and I was wondering if this is some kind of well known behavior. The endpoints (Pure storage arrays) are using the expected MAC addresses, both fixed and a “virtual” shared MAC for 99.9% of the traffic. The one exception is that the LLDP multicasts have a random-looking source MAC. The source MAC has the non-unique bit flipped on. Is this a well known type of behavior? Quick Google turned up some others noticing this in very different devices. May be more wide spread, but how often would people notice?
Current thread:
- LLDP Source MAC Crist Clark (Feb 08)