Vulnerability Development mailing list archives

mac duplication


From: Dev <u02113 () cs unipune ernet in>
Date: 12 Dec 2003 10:17:53 -0000



Hi ppl, please redirect me to a different mailing list if this is not the appropriate list to post to.

I did the following experiment:

I have a switched ethernet network in my university.
I wanted to capture packets meant for a certain machine on a different port of a Dlink switch. I thought that ARP poisoning would be too noisy - arpwatch can catch it, and it's too bulky for the MITM machine (in case we are poisoning a heavily loaded server machine).
So I duplicated the MAC of the victim machine on my own machine.

What I saw was this:

The ping packet drop rate for either of the two machines from a third machine varied from 40 to almost 80%. Also, say, telnet sessions to either of the two machines (which now had the same MAC address) worked, with notable 4-5 second lockups.

Further, I could not ping the other machine from one of the duplicated machines (the last one is okay - it makes a lot of sense).

My premise is that the problem in connectivity is coming because the OS does not fall back to half duplex mode when two machines take up the same MAC address??

Can anyone please tell me about the behaviour? How do I set up MAC duplication in that case so that I can sniff data?

I don't want to hurt network performance, and so don't want to do MAC flooding. Anyway, I'm not even sure the switches we have here would resort to broadcast mode in case of MAC flooding.

Last but not least, it's my second message to the list, and people were really helpful in discussing my queries in my first message.

Mailing lists rock..

Devrat
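
A learning switch keeps a single port per MAC address, so when two ports send with the same address the entry moves back and forth and frames for that address are split between them. The sketch below is an added example, not part of the original post: it models that table and counts port moves per MAC, the signal a defender can alert on. The switch model, the trace, the documentation-range MAC addresses and the flap threshold are constructed assumptions, not measurements of any real device.

```python
from collections import defaultdict

class LearningSwitch:
    """Minimal learning bridge: one port per MAC address, last sender wins."""
    def __init__(self, flap_threshold=3):
        self.table = {}                 # MAC -> port it was last learned on
        self.moves = defaultdict(int)   # MAC -> number of port changes seen
        self.flap_threshold = flap_threshold

    def learn(self, src_mac, port):
        old = self.table.get(src_mac)
        if old is not None and old != port:
            self.moves[src_mac] += 1    # same MAC seen on a new port
        self.table[src_mac] = port

    def egress_port(self, dst_mac):
        return self.table.get(dst_mac)  # None: unknown address, would flood

    def flapping(self):
        """MACs whose entry moved between ports at least flap_threshold times."""
        return sorted(m for m, n in self.moves.items() if n >= self.flap_threshold)

def simulate(events):
    """events: ('tx', mac, port) frame sent from a port,
               ('rx', mac)       frame addressed to mac.
    Returns (switch, {port: frames delivered there})."""
    sw, delivered = LearningSwitch(), defaultdict(int)
    for ev in events:
        if ev[0] == "tx":
            sw.learn(ev[1], ev[2])
        else:
            port = sw.egress_port(ev[1])
            if port is not None:
                delivered[port] += 1
    return sw, dict(delivered)

# Constructed trace (not captured traffic): two hosts on ports 1 and 2 share
# SHARED_MAC and alternate sending; a host on port 3 has its own address.
SHARED_MAC, OTHER_MAC = "00:00:5e:00:53:01", "00:00:5e:00:53:02"

def build_trace(rounds=10):
    trace = [("tx", OTHER_MAC, 3)]
    for i in range(rounds):
        trace.append(("tx", SHARED_MAC, 1 if i % 2 == 0 else 2))
        trace += [("rx", SHARED_MAC), ("rx", SHARED_MAC), ("rx", OTHER_MAC)]
    return trace

if __name__ == "__main__":
    sw, delivered = simulate(build_trace())
    print("frames delivered per port:", delivered)
    print("port moves per MAC:", dict(sw.moves))
    print("flagged as flapping:", sw.flapping())
```

In this constructed trace each of the two ports sharing the address receives only half of the frames sent to it, while the uniquely addressed host receives all of its frames and is never flagged.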

