[Wlug] iptables use of --mac-source
Frank Sweetser
fs at WPI.EDU
Fri Sep 1 13:35:35 EDT 2006
On Fri, Sep 01, 2006 at 10:40:25AM -0400, John Stoffel wrote:
> This will only work if you have a bridged network, once you have a
> switch in the way, the MAC address will change. This is because

Nope - a switch is logically identical to a bridge with more than two
ports. A packet forwarded by a router will have the router's MAC address
because the router has to generate a new ethernet frame with the same
ethernet payload as the original packet, while a switch will blindly
forward the packet to wherever its FDB tells it to.

> For network switches, each port has its own MAC address. Basically,

Only if the switch supports spanning tree, and only for spanning tree - those
per-port MACs aren't used for anything else.

--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
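
The forwarding behaviour described in this message, as an added example that is not part of the original post: a small Python model of a learning switch and a router, with `mac_source_match` standing in for the comparison an iptables `--mac-source` rule makes on the receiving host. All class names, function names and MAC addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    payload: str  # stands in for the IP packet inside the frame

class Switch:
    """Learning switch: fills its FDB from source MACs, forwards frames unchanged."""
    def __init__(self):
        self.fdb = {}  # MAC -> port

    def forward(self, frame, in_port, ports):
        self.fdb[frame.src_mac] = in_port
        out = self.fdb.get(frame.dst_mac)
        # Unknown destination: flood to all ports except the ingress port.
        targets = [out] if out is not None else ports
        return [(p, frame) for p in targets if p != in_port]

class Router:
    """Router: emits a new Ethernet frame carrying the same payload."""
    def __init__(self, egress_mac, neighbours):
        self.egress_mac = egress_mac
        self.neighbours = neighbours  # next hop -> MAC (stand-in for an ARP table)

    def forward(self, frame, next_hop):
        return Frame(self.egress_mac, self.neighbours[next_hop], frame.payload)

def mac_source_match(frame, allowed_mac):
    """The comparison a --mac-source rule makes on the receiving host."""
    return frame.src_mac.lower() == allowed_mac.lower()

# Constructed, locally administered addresses (assumptions, not from the post).
CLIENT, SERVER = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
ROUTER_LAN, ROUTER_OUT = "02:00:00:00:00:fd", "02:00:00:00:00:fe"

def via_switch():
    sw = Switch()
    sw.forward(Frame(SERVER, CLIENT, "hello"), 2, [1, 2, 3])  # learns SERVER on port 2
    [(port, frame)] = sw.forward(Frame(CLIENT, SERVER, "request"), 1, [1, 2, 3])
    return port, frame

def via_router():
    r = Router(ROUTER_OUT, {"server": SERVER})
    return r.forward(Frame(CLIENT, ROUTER_LAN, "request"), "server")

if __name__ == "__main__":
    print("switch:", mac_source_match(via_switch()[1], CLIENT))
    print("router:", mac_source_match(via_router(), CLIENT))
```

Across the switch the server still sees the client's source MAC, so a rule keyed on the client matches; across the router the same payload arrives with the router's MAC, so a rule on the far side has to key on something other than the client's MAC.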