Side effects of cloning MAC address to router?

Archived from groups: alt.internet.wireless (More info?)

What if you clone your MAC address to the router and later move
your NICs or computers around, couldn't that mess up the whole
network?

Could it not lead to two points on the network having the same
address?

Just asking.


Lars
Stockholm
  1. Archived from groups: alt.internet.wireless (More info?)

    clone it again
    or back to default

    clone buttons don't disappear

    <lars@fake.com> wrote in message
    news:3ql2a05pnhsm0580s64m33cogosk0osf4v@4ax.com...
    > What if you clone your MAC address to the router and later move
    > your NICs or computers around, couldn't that mess up the whole
    > network?
    >
    > Could it not lead to two points on the network having the same
    > address?
    >
    > Just asking.
    >
    >
    > Lars
    > Stockholm
  2. Archived from groups: alt.internet.wireless (More info?)

    lars@fake.com wrote in news:3ql2a05pnhsm0580s64m33cogosk0osf4v@4ax.com:

    > What if you clone your MAC address to the router and later move
    > your NICs or computers around, couldn't that mess up the whole
    > network?

    NO, doing that only affects the WAN port on the router and what the ISP
    views as a valid MAC that's been provisioned and linked to your account
    that can access their ISP network.

    >
    > Could it not lead to two points on the network having the same
    > address?

    NO, because each NIC MAC is unique and the MAC really only comes into
    play when the router is issuing DHCP IP(s) as it links the MAC to an IP
    it has issued, which is being kept and tracked by the router in the DHCP
    table. You tell the computer to use one of the router's static IP(s) and
    the MAC doesn't come into play -- period. The router doesn't care about
    the MAC.


    The router knows how to take care of the situation no matter what you do
    on your end. :)

    Duane :)
  3. Archived from groups: alt.internet.wireless (More info?)

    > What if you clone your MAC address to the router and later move
    > your NICs or computers around, couldn't that mess up the whole
    > network?

    That is the IP address on the wan port, so your cable provider sees the
    same IP as before you put the router in. All computers behind the router
    will appear to have the same IP.
  4. Archived from groups: alt.internet.wireless (More info?)

    A MAC address is not an IP address. The ISP doesn't see what IP address you
    assign to the router, the ISP assigns the IP address to the router's WAN
    interface.

    Ron Bandes, CCNP, CTT+, etc.

    "scram" <scram@anon.com> wrote in message
    news:Theoc.111766$Jy3.13525@fed1read03...
    >
    > > What if you clone your MAC address to the router and later move
    > > your NICs or computers around, couldn't that mess up the whole
    > > network?
    >
    > That is the IP address on the wan port, so your cable provider sees the
    > same IP as before you put the router in. All computers behind the router
    > will appear to have the same IP.
  5. Archived from groups: alt.internet.wireless (More info?)

    "Ron Bandes" <RunderscoreBandes @yah00.com> wrote in
    news:CQfoc.26316$CC4.11102477@news4.srv.hcvlny.cv.net:

    > The MAC address does not come into play only during DHCP negotiation.
    > Every IP packet is encapsulated in an Ethernet frame that has a source
    > MAC and a destination MAC.
    >
    > Also, you don't tell the computer to use one of the router's static IP
    > addresses. The router assigns a dynamic IP address to the computer
    > from a pool of IP addresses. It just isn't true that the router
    > doesn't care about the MAC.

    Well, I don't know how else to put it about the use of a static IP. As I
    understood it, if the router's DHCP IP(s) started from 192.168.1.100
    through 192.168.1.150 that's the pool you speak of.

    Now if I wanted to use 192.168.1.2 which I understand is a static IP,
    then I would have to go to the NIC's configuration screen and enter IP
    192.168.1.2 subnet 255.255.255.0 and Default Gateway 192.168.1.1 (Device
    IP).

    I am only speaking in the context of the OP's post and the MAC and his
    mis-understanding of how (basic) things were working; of course the MAC
    comes into play when one looks at the picture of network traffic.

    >
    > However, the original poster needn't worry about a conflict in MAC
    > addresses. The TCP/IP protocol suite is layered. IP is a
    > Network-layer protocol that understands how to get a packet across an
    > internetwork: from network to network to network. But IP doesn't
    > understand the details of how to physically get a packet across even a
    > single network. It's like IP is a navigator, not a driver.
    >
    > To continue the navigator/driver analogy, some networks are like
    > roads, some are like oceans, some are like air routes. You need
    > different drivers to drive cars, boats, and airplanes. These are
    > different Data-Link Layer protocols, like Ethernet, PPP (used on
    > dialup), and DSL. So after IP determines which network needs to be
    > traversed next, it stuffs the IP packet into a Data-Link Layer frame
    > that is appropriate for that network type; for your LAN that would be
    > Ethernet. Then Ethernet takes over and "drives" the Ethernet frame
    > (containing the IP packet) across the LAN from your computer to your
    > router. Ethernet knows nothing about IP addresses, so it is using MAC
    > addresses to find the router on the Ethernet LAN. So on a LAN, every
    > interface (on both computers and routers) has both an IP address and
    > a MAC address. When the frame arrives at the router, the packet is
    > removed from the Ethernet frame and the frame is discarded. The
    > router determines which network the packet must traverse next. It
    > then encapsulates the packet in a new frame, and off we go again.
    > Remember, not all networks are Ethernet, so in general we can't reuse
    > the frame. Also, the destination MAC address in the frame is just the
    > next destination, not the final destination. The destination IP
    > address in the packet is for the final destination, and it doesn't
    > change as the packet makes its way through many networks.
    >
    > Since MAC addresses are used only to traverse a single network, and
    > not an internetwork, it doesn't matter if interfaces on different
    > networks have the same MAC address. The only reason that MAC
    > addresses are made to be universally unique is that the manufacturer
    > doesn't know which two devices will be connected to the same network.
    > At home you have three networks in a typical setup: your Ethernet
    > LAN, another Ethernet between your router and your broadband modem,
    > and the broadband network that connects your modem to the ISP. The
    > router's LAN ports are on the Ethernet LAN, the router's WAN port is
    > on the other Ethernet between the router and the broadband modem. It
    > doesn't matter if the router's WAN port has the same MAC address as a
    > computer on the LAN because they're on different networks.

    I do appreciate your explanation on all of this, because I certainly
    don't have this kind of in-depth knowledge in this area.

    However, it's to my understanding that the modem is the device that gets
    the public IP from the ISP and the first device behind the modem such as
    router, a direct connect computer's NIC, or FW appliance uses the public
    IP assigned to the modem --- excuse my lack of words to better describe
    this.

    I bring the above up because of another discussion I was having with an
    OP and his mis-understanding of (excuse me for saying it *stealthing*)
    the router ports and the public IP being hidden. This was based on the
    Gibson Port scan and stealth check on a router where port 113 was
    *closed* and not stealthed. The FTP server needed 113.

    I told him it was the modem that was issued the public IP from the ISP
    not the router. So, the public IP is known and that so called hiding of
    the public IP meant nothing in something discovering the public IP and
    stopping port scans.

    Also, what's the deal with putting a dummy IP into the DMZ of the router
    to redirect unsolicited inbound traffic to the dummy IP in the DMZ of the
    router? Is that effective or useless? Also, I port forward port 113 to
    the DMZ IP, since one port scan reported that port as being open, which I
    don't have any IDENT. The scan reported back 113 was closed when I did
    the forwarding.

    Can you comment on it?

    Duane :)
  6. Archived from groups: alt.internet.wireless (More info?)

    replace router with another and use existing cloned mac on a separate subnet
    then the mac conflicts on the original network, then you just change or
    clone the mac again
    and then maybe ip & name #PREload into lmhosts to the original #DOM:group
    to blast through the old wan's newest mac, add a route table entry....
    so there's more than one way it would conflict - but it's easy enough to
    change.
  7. Archived from groups: alt.internet.wireless (More info?)

    lars@fake.com wrote:

    > What if you clone your MAC address to the router and later move
    > your NICs or computers around, couldn't that mess up the whole
    > network?
    >
    > Could it not lead to two points on the network having the same
    > address?

    Not likely, as the router port that has the cloned address, is on the other
    side of the router, connected to your ISP. Nothing on your local network
    will ever see that address from the router.

    --

    Fundamentalism is fundamentally wrong.

    To reply to this message, replace everything to the left of "@" with
    james.knott.
  8. Archived from groups: alt.internet.wireless (More info?)

    scram wrote:

    >
    >> What if you clone your MAC address to the router and later move
    >> your NICs or computers around, couldn't that mess up the whole
    >> network?
    >
    > That is the IP address on the wan port, so your cable provider sees the
    > same IP as before you put the router in. All computers behind the router
    > will appear to have the same IP.
    >
    >

    No, it's the MAC address, so that the router appears as the original
    computer, to the ISP. Otherwise, you may have to get the ISP to
    reprovision for the new device.


    --

    Fundamentalism is fundamentally wrong.

    To reply to this message, replace everything to the left of "@" with
    james.knott.
  9. Archived from groups: alt.internet.wireless (More info?)

    On Wed, 12 May 2004 15:16:04 GMT, in alt.internet.wireless , "Ron Bandes"
    <RunderscoreBandes @yah00.com> wrote:

    >Duane,
    >
    >You are correct about the static IP address. If you configure your
    >computer's NIC to a specific IP address outside the range of the pool, that
    >is static. I'm just not sure why you want to do that.

    For one thing, you might want your machines not to keep changing IP address
    so that firewall permissioning worked and s/w locked to IP didn't fall over.

    It's also a security measure - you block any MAC you don't recognise from
    your router, and lock IPs to MACs so that any unknown IP is automatically
    an invader.

    IMHO it's fairly standard practice to lock IPs either by static assignment
    or by DHCP but locking the IP to the MAC.
    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>


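Two points from the posts above can be checked mechanically: a MAC address only has to be unique within one Ethernet segment (so a cloned WAN MAC does not clash with the same MAC on the LAN), and IPs can be locked to MACs on the LAN side. The following is an added example, not code from any poster; it audits ARP-style observations per segment against a binding table. The segment names, function names and sample addresses are constructed assumptions.

```python
import re
from collections import defaultdict

def normalize_mac(text):
    """Accept 00:1A:2B:..., 00-1a-2b-... or 001a.2b3c.4d5e; return aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9a-fA-F]", "", text).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit(observations, bindings):
    """observations: (segment, ip, mac) tuples, e.g. collected from ARP tables.
    bindings: {mac: ip} reservations for the LAN segment (assumed name "lan").
    Returns a sorted list of (finding, segment, mac, observed_ips)."""
    bound = {normalize_mac(m): ip for m, ip in bindings.items()}
    ips_by_seg_mac = defaultdict(set)
    for segment, ip, mac in observations:
        ips_by_seg_mac[(segment, normalize_mac(mac))].add(ip)

    findings = []
    for (segment, mac), ips in ips_by_seg_mac.items():
        seen = ",".join(sorted(ips))
        # One MAC answering for several IPs on ONE segment: possible duplicate.
        # The same MAC on a different segment is deliberately not a finding.
        if len(ips) > 1:
            findings.append(("duplicate-mac", segment, mac, seen))
        if segment != "lan":
            continue  # bindings only describe the LAN side of the router
        if mac not in bound:
            findings.append(("unknown-mac", segment, mac, seen))
        elif ips != {bound[mac]}:
            findings.append(("binding-mismatch", segment, mac, seen))
    return sorted(findings)

# Constructed sample data (not taken from the thread).
BINDINGS = {"00:11:22:33:44:55": "192.168.1.2", "00-11-22-33-44-66": "192.168.1.3"}
OBSERVATIONS = [
    ("lan", "192.168.1.2", "00:11:22:33:44:55"),   # PC whose MAC was cloned
    ("wan", "203.0.113.7", "0011.2233.4455"),      # router WAN port, cloned MAC
    ("lan", "192.168.1.3", "00:11:22:33:44:66"),
    ("lan", "192.168.1.50", "00:11:22:33:44:66"),  # same MAC, second IP
    ("lan", "192.168.1.77", "de:ad:be:ef:00:01"),  # not in the binding table
]

if __name__ == "__main__":
    for finding in audit(OBSERVATIONS, BINDINGS):
        print(*finding)
```

The cloned MAC appears on both "lan" and "wan" without producing a finding, while the second IP on one LAN MAC and the unlisted MAC are both reported.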
  10. Archived from groups: alt.internet.wireless (More info?)

    On Wed, 12 May 2004 01:16:22 +0200, in alt.internet.wireless ,
    lars@fake.com wrote:

    >What if you clone your MAC address to the router and later move
    >your NICs or computers around, couldn't that mess up the whole
    >network?

    The router has 2 MACs, one external facing the ISP, and one internal facing
    your network.

    >Could it not lead to two points on the network having the same
    >address?

    Nope.
    --
    Mark McIntyre
    CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
    CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc.html>


  11. Archived from groups: alt.internet.wireless (More info?)

    Mark McIntyre <markmcintyre@spamcop.net> wrote in
    news:k075a01vqj2gl90mspj0qme0spmbl0aqti@4ax.com:

    > On Wed, 12 May 2004 15:16:04 GMT, in alt.internet.wireless , "Ron
    > Bandes" <RunderscoreBandes @yah00.com> wrote:
    >
    >>Duane,
    >>
    >>You are correct about the static IP address. If you configure your
    >>computer's NIC to a specific IP address outside the range of the pool,
    >>that is static. I'm just not sure why you want to do that.
    >
    > For one thing, you might want your machines not to keep changing IP
    > address so that firewall permissioning worked and s/w locked to IP
    > didn't fall over.
    >
    > It's also a security measure - you block any MAC you don't recognise
    > from your router, and lock IPs to MACs so that any unknown IP is
    > automatically an invader.
    >
    > IMHO it's fairly standard practice to lock IPs either by static
    > assignment or by DHCP but locking the IP to the MAC.

    The reason being for me is if I need ports 20 and 21 to be port forwarded
    to the machine that has the FTP service running, then I don't want to use
    a DHCP IP that has the chance of the IP pointing to another machine that
    doesn't have the service running.

    Duane :)
  12. Archived from groups: alt.internet.wireless (More info?)

    "Ron Bandes" <RunderscoreBandes @yah00.com> wrote in
    news:Ucroc.34921$CC4.13115464@news4.srv.hcvlny.cv.net:

    >
    > I'm unfamiliar with the practice of putting a dummy IP address in the
    > router's DMZ config. I would expect that to make matters worse, but I
    > have no empirical evidence of that. With no DMZ address defined, the
    > router should immediately discard packets for which it has no
    > destination. With a dummy DMZ address, the router would attempt
    > delivery to a device that doesn't exist and won't respond. The router
    > will have to wait for these attempts to time-out before the router can
    > be sure that delivery is impossible. Does that sound like what's
    > happening?

    I don't know. The router doesn't seem to have any issues with putting the
    dummy IP into the DMZ and the port forwarding of 113 as well.

    >
    > AFAIK, the only way a port can show as open is if some computer
    > (including routers) accepts the request for a connection.
    > Technically, this means that the scanning computer sends a TCP segment
    > (segment is the name we give to packets at the Transport layer) with
    > the destination port set to the port number to be scanned, the SYN
    > (synchronize) flag turned on, and the ACK (acknowledge) flag turned
    > off. The SYN flag says "you've never gotten a segment from me before
    > on this connection," and the ACK flag being off says "I've never
    > gotten a segment from you before on this connection." This
    > combination is a request for a new connection. The computer receiving
    > this request will reply in the affirmative only if it has a program
    > running that is waiting to accept and process messages coming in on
    > this port; this is what it means for a port to be open. If the port
    > is open, the request is accepted by responding with a segment having
    > the SOURCE port set to the number being scanned, the SYN flag is on
    > (since this is the first segment in this direction on this connection)
    > and the ACK flag turned on (since a prior segment [the request] was
    > received). If the port was closed (so the IP address was found, but
    > no program was running on that computer waiting for messages to this
    > port) then the computer would respond with a TCP segment having the
    > RST (reset) flag turned on, saying that this connection should be
    > terminated immediately. If the port is stealthed, then the computer
    > receiving the request simply doesn't reply. The scanning computer
    > must wait for its request to time out. If all ports are stealthed,
    > then the scanning computer doesn't know if the computer exists. If
    > even one port responds (open or closed) then the scanner can tell that
    > the lack of responses on the other ports is caused by stealthing.
    >

    My point is I don't see the need to be running a stealth check on a
    machine behind the router, since the router is going to stop the scans at
    the gateway. The router is the stealth device in this situation. I also
    don't see the need to protect the public IP or trying to hide in this
    situation as well.

    Thanks for the other info I just may take the IP out of the DMZ.

    Duane :)
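The open / closed / stealthed distinction quoted in this post can be expressed as a small decoder for the replies a scan report is built from. This is an added example, not code from the thread: it reads the flag byte of a reply's TCP header, classifies each probed port, and reports which ports reveal that the address is in use. The function names and the sample headers are constructed assumptions.

```python
import struct

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10}

def parse_tcp_header(header):
    """Return (source_port, set of flag names) from the first 20 bytes of a TCP header."""
    if len(header) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    src, _dst, _seq, _ack, _offset, flags, _win, _csum, _urg = struct.unpack(
        "!HHIIBBHHH", header[:20])
    return src, {name for name, bit in FLAG_BITS.items() if flags & bit}

def classify_reply(probed_port, header):
    """header is the reply to a SYN probe, or None if the probe timed out."""
    if header is None:
        return "stealth"          # no reply at all
    src, flags = parse_tcp_header(header)
    if src != probed_port:
        return "unrelated"        # a reply must come FROM the probed port
    if "RST" in flags:
        return "closed"           # host exists, nothing is listening
    if {"SYN", "ACK"} <= flags:
        return "open"             # a program accepted the connection request
    return "unrelated"

def summarize(replies):
    """replies: {port: header bytes or None}. Any open or closed port shows
    that the silence on the other ports is stealthing, not an absent host."""
    states = {port: classify_reply(port, hdr) for port, hdr in sorted(replies.items())}
    answered = [p for p, s in states.items() if s in ("open", "closed")]
    return {"states": states, "host_revealed": bool(answered), "revealing_ports": answered}

def make_reply(src_port, flags):
    """Build a constructed 20-byte TCP header for the samples below."""
    return struct.pack("!HHIIBBHHH", src_port, 40000, 0, 1, 5 << 4, flags, 0, 0, 0)

# Constructed samples: FTP forwarded and answering, 113 answering with RST,
# everything else silent; then a router that answers nothing at all.
ROUTER_A = {21: make_reply(21, 0x12), 80: None, 113: make_reply(113, 0x14), 443: None}
ROUTER_B = {21: None, 80: None, 113: None, 443: None}

if __name__ == "__main__":
    print(summarize(ROUTER_A))
    print(summarize(ROUTER_B))
```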