If the MAC address does not exist, the switch acts like a hub and forwards the frame out every other port on the switch while learning the MAC for next time. In this case the switch forwards the frame to the MAC address port designated in the MAC address table. If the switch has already learned the MAC address of the computer connected to his particular port then an entry exists for the MAC address. When frames arrive on switch ports, the source MAC addresses are learned from Layer 2 packet header and recorded in the MAC address table. Cisco Catalyst switch models use a MAC address table for Layer 2 switching. When switch receives a frame, he looks in the MAC address table (sometimes called CAM table) for the destination MAC address. To understand the mechanism of a MAC address table overflow attack we must recall how does a switch work in the first place. MAC flooding attacks are sometimes called MAC address table overflow attacks. MAC address table in the switch has the MAC addresses available on a given physical port of a switch and the associated VLAN parameters for each. MAC address flooding attack is very common security attack.
0 Comments
Leave a Reply. |