Vulnerability Development mailing list archives
RE: mac duplication
From: Michael Wojcik <Michael.Wojcik () microfocus com>
Date: Mon, 15 Dec 2003 11:46:38 -0800
Burton M. Strauss III [mailto:BStrauss () acm org] wrote:
That's also not to say you can't spoof the address, but even then, if you override it, you're SUPPOSED to set the LLA bit (i.e. a LLA address is xxxxxx1x:....).
I believe that's LAA - Locally-Administered Address. The OEM-assigned MAC address is a UAA, or Universally-Administered Address. Glenn_Everhart () bankone com wrote:
There exist networks that do not use ARP and require MAC addresses to be adjusted to fit the network address scheme.
Their existence (and the fact they preceded IP) is a reason why essentially all ethernet interfaces can reset their MAC addresses programmatically.
Yup. Pre-APPN SNA is an example; nodes (PUs) were usually addressed directly by MAC address by the sender. Of course it was possible to get the destination's UAA and configure that in the sender's tables, but that was cumbersome, required the destination be up and running before completing comms configuration, and made replacing a NIC (or entire box) difficult. LAAs were much easier to deal with. For SNA, LAAs were probably more commonly seen on Token Ring NICs, since TR was a more popular choice for SNA shops (as I remember), but I set some Ethernet ones too in my day. (Ethernet was a pain because some SNA implementations, but not all, bit-swapped the MAC address.) I suppose another possible use for LAAs is with certain types of failover schemes for high-availability servers. When one server system fails, another can come online with the same LAA MAC address and pick up where the failing one left off. In principle, anyway; I had a vague idea that IBM's HA/CMP did that, but I just checked Lynn Wheeler's site and he indicates that HA/CMP backup servers took over just the IP address, and had to force some noncompliant stacks to pick up the new MAC address. (Apparently the Reno stack had a second, "hidden" 1-item ARP cache that was used as long as the current outbound packet had the same destination IP address as the previous one.) -- Michael Wojcik Principal Software Systems Developer, Micro Focus
Current thread:
- Re: mac duplication, (continued)
- Re: mac duplication dreamwvr () dreamwvr com (Dec 15)
- Re: mac duplication Sam Baskinger (Dec 12)
- Re: mac duplication Jimi Thompson (Dec 13)
- Re: mac duplication fooler (Dec 15)
- RE: mac duplication David Gillett (Dec 15)
- RE: mac duplication Dom De Vitto (Dec 15)
- Re: mac duplication Peter Moody (Dec 15)
- RE: mac duplication Boyer, G. T. IT2 ISSM Office (Dec 15)
- RE: mac duplication Demar, Jeremy D CTM1 (CCDG12 Aug) (Dec 15)
- RE: mac duplication Glenn_Everhart (Dec 15)
- RE: mac duplication Michael Wojcik (Dec 15)