MAC layer addresses are only valid on your local Ethernet segment.
Once the packet goes through a router, the connection of the orginal
packet at the MAC layer is stripped away. The source MAC address on
a packet that is forwarded by router is the address of the Ethernet
interface where the packet is being forwarded to. The source IP
address remains the same. Remember the MAC source address is the
Ethernet device that is sending the packet, and the destination is the
next Ethernet hop. For example you have machines A and B on two
separate ethernet segments 1 and 2, the segments are connected via a
router, we will call R. Each Ethernet device has its own MAC address.
For simplicty we'll call the MAC address of machine A, A1 and the MAC
address of machine B, B2. The router has two separate Ethernet
segments one interface attached to segment 1, which we'll give MAC
address R1, and the other attached to 2, with MAC address R2 When a
packet is being send from machine A to machine B, at the IP level the
source address will ALWAYS be the IP address of machine A, and
desitination IP address will ALWAYS be the IP address of machine B.
+-+A1 R1| |R2 B1+-+
|A|-------------| Router |--------------|B|
+-+ | | +-+
At the MAC layer the MAC source is not always machine A and the
destination MAC address is not always machine B. In this case, the
packet that machine A sends out has a MAC source address of A1, and a
destination MAC address of R1. The router receives the packet, and it
is passed up to IP by the "Ethernet Driver" on the router only because
the destination Ethernet address is R1 (the interface on the router
that received the packet) The IP layer of the router gets the packet,
examines the destination IP address and determines that it needs to be
sent out interface R2. When the packet is sent out by the router on
interface R2 the MAC source address is R2 and the destination MAC
address is B2. The IP address have not changed but the MAC addresses
What this means is that MAC address need only be unique within
segments that share a single router (or bridge).
______________________________ Reply Separator _________________________________
Subject: Re: Concerns about MAC spoofing
Author: dennis @
com at INTERNET
Date: 11/2/94 8:53 AM
> Secondly, what happens if two cards exist with same MAC address on a network?
> Does it lock up both cards, or do the two cards start sending garbage onto
> the Ethernet and locking up the entire network?
I could be mistaken but, my understanding is that physical MAC address
are unique! Hence, the situation you describe can only be created when
somebody spoofs up a duplicate address. The effect on the Internet
will var based upon the protocol you are using. Netware will probably
go nuts, TCP/IP should survive but there will be a lot packets dropped
due to incorrect header contents ... I think
Dennis The Newbie