Sign in with
Sign up | Sign in
Your question

Side effects of cloning Mac adress to router?

Tags:
  • Routers
  • Macintosh
  • Wireless Networking
Last response: in Wireless Networking
Share
May 12, 2004 5:16:22 AM

Archived from groups: alt.internet.wireless (More info?)

What if you clone your Mac adress to the router and later move
your Nics or computers around, couldn´t that mess up the whole
network?

Could it not lead to two points on the network having the same
adress?

Just asking.


Lars
Stockholm

More about : side effects cloning mac adress router

Anonymous
May 12, 2004 5:16:23 AM

Archived from groups: alt.internet.wireless (More info?)

clone it again
or back to default

clone buttons don't disappear

<lars@fake.com> wrote in message
news:3ql2a05pnhsm0580s64m33cogosk0osf4v@4ax.com...
> What if you clone your Mac adress to the router and later move
> your Nics or computers around, couldn´t that mess up the whole
> network?
>
> Could it not lead to two points on the network having the same
> adress?
>
> Just asking.
>
>
> Lars
> Stockholm
Anonymous
May 12, 2004 5:16:23 AM

Archived from groups: alt.internet.wireless (More info?)

lars@fake.com wrote in news:3ql2a05pnhsm0580s64m33cogosk0osf4v@4ax.com:

> What if you clone your Mac adress to the router and later move
> your Nics or computers around, couldn´t that mess up the whole
> network?

NO, doing that only affects the WAN port on the router and what the ISP
views as a valid MAC that's been provisioned and linked to your account
that can access their ISP network.

>
> Could it not lead to two points on the network having the same
> adress?

NO, because each NIC MAC is unique and the MAC really only comes into
play when the router is issuing DHCP IP(s) as it links the MAC to an IP
it has issued, which is being kept and tracked by the router in the DHCP
table. You tell the computer to use one of the router's static IP(s) and
the MAC doesn't come into play -- period the router doesn't care about
the MAC.


The router knows how to take care of the situation no matter what you do
on your end. :) 

Duane :) 
Related resources
Can't find your answer ? Ask !
Anonymous
May 12, 2004 5:16:23 AM

Archived from groups: alt.internet.wireless (More info?)

> What if you clone your Mac adress to the router and later move
> your Nics or computers around, couldn´t that mess up the whole
> network?

That is the IP address on the wan port, so your cable provider sees the
same IP as before you put the router in. All computers behind the router
will appear to have the same IP.
Anonymous
May 12, 2004 5:16:24 AM

Archived from groups: alt.internet.wireless (More info?)

A MAC address is not an IP address. The ISP doesn't see what IP address you
assign to the router, the ISP assigns the IP address to the router's WAN
interface.

Ron Bandes, CCNP, CTT+, etc.

"scram" <scram@anon.com> wrote in message
news:Theoc.111766$Jy3.13525@fed1read03...
>
> > What if you clone your Mac adress to the router and later move
> > your Nics or computers around, couldn´t that mess up the whole
> > network?
>
> That is the IP address on the wan port, so your cable provider sees the
> same IP as before you put the router in. All computers behind the router
> will appear to have the same IP.
Anonymous
May 12, 2004 7:23:19 AM

Archived from groups: alt.internet.wireless (More info?)

"Ron Bandes" <RunderscoreBandes @yah00.com> wrote in
news:CQfoc.26316$CC4.11102477@news4.srv.hcvlny.cv.net:

> The MAC address does not come into play only during DHCP negotiation.
> Every IP packet is encapsulated in an Ethernet frame that has a source
> MAC and a destination MAC.
>
> Also, you don't tell the computer to use one of the router's static IP
> addresses. The router assigns a dynamic IP address to the computer
> from a pool of IP addresses. It just isn't true that the router
> doesn't care about the MAC.

Well, I don't know how else to put it about the use of a static IP. As I
understood it, if the router's DHCP IP(s) started from 192.168.1.100
through 192.168.1.150 that's the pool you speak of.

Now if I wanted to use 192.168.1.2 which I understand is a static IP,
then I would have to go to the NIC's configuration screen and enter IP
192.168.1.2 subnet 255.255.255.0 and Default Gateway 192.168.1.1 (Device
IP).

I am only speaking in the context of the OP's post and the MAC and his
mis-understanding of how (basic) things were working; of course the MAC
comes into play when one looks at the picture of network traffic.

>
> However, the original poster needn't worry about a conflict in MAC
> addresses. The TCP/IP protocol suite is layered. IP is a
> Network-layer protocol that understands how to get a packet across an
> internetwork: from network to network to network. But IP doesn't
> understand the details of how to physically get a packet across even a
> single network. It's like IP is a navigator, not a driver.
>
> To continue the navigator/driver analogy, some networks are like
> roads, some are like oceans, some are like air routes. You need
> different drivers to drive cars, boats, and airplanes. These are
> different Data-Link Layer protocols, like Ethernet, PPP (used on
> dialup), and DSL. So after IP determines which network needs to be
> traversed next, it stuffs the IP packet into a Data-Link Layer frame
> that is appropriate for that network type; for your LAN that would be
> Ethernet. Then Ethernet takes over and "drives" the Ethernet frame
> (containing the IP packet) across the LAN from your computer to your
> router. Ethernet knows nothing about IP addresses, so it is using MAC
> addresses to find the router on the Ethernet LAN. So on a LAN, every
> interface (on both computers and routers) have both an IP address and
> a MAC address. When the frame arrives at the router, the packet is
> removed from the Ethernet frame and the frame is discarded. The
> router determines which network the packet must traverse next. It
> then encapsulates the packet in a new frame, and off we go again.
> Remember, not all networks are Ethernet, so in general we can't reuse
> the frame. Also, the destination MAC address in the frame is just the
> next destination, not the final destination. The destination IP
> address in the packet is for the final destination, and it doesn't
> change as the packet makes its way through many networks.
>
> Since MAC addresses are used only to traverse a single network, and
> not an internetwork, it doesn't matter if interfaces on different
> networks have the same MAC address. The only reason that MAC
> addresses are made to be universally unique is that the manufacturer
> doesn't know which two devices will be connected to the same network.
> At home you have three networks in a typical setup: your Ethernet
> LAN, another Ethernet between your router and your broadband modem,
> and the broadband network that connects your modem to the ISP. The
> router's LAN ports are on the Ethernet LAN, the router's WAN port is
> on the other Ethernet between the router and the broadband modem. It
> doesn't matter if the router's WAN port has the same MAC address as a
> computer on the LAN because they're on different networks.

I do appreciate your explaination on all of this, because I certainly
don't have this kind of in-depth knowledge in this area.

However, it's to my understanding that the modem is the device that gets
the public IP from the ISP and the first device behind the modem such as
router, a direct connect computer's NIC, or FW appliance uses the public
IP assigned to the modem --- excuse my lack of words to better describe
this.

I bring the above up because of another discussion I was having with an
OP and his mis-understanding of (excuse me for saying it *stealthing*)
the router ports and the public IP being hidden. This was based on the
Gibson Port scan and stealth check on a router where port 113 was
*closed* and not stealthed. The FTP server needed 113.

I told him it was the modem that was issued the public IP from the ISP
not the router. So, the public IP is known and that so called hiding of
the public IP meant nothing in something discovering the public IP and
stopping port scans.

Also, what's the deal with putting a dummy IP into the DMZ of the router
to redirect unsolicited inbound traffic to the dummy IP in the DMZ of the
router? Is that effective or useless? Also, I port forward port 113 to
the DMZ IP, since one port scan reported that port as being open, which I
don't have any IDENT. The scan reported back 113 was closed when I did
the forwarding.

Can you comment on it?

Duane :) 
Anonymous
May 12, 2004 10:04:28 AM

Archived from groups: alt.internet.wireless (More info?)

replace router with another and use existing cloned mac on a separate subnet
then the mac conflicts on the original network, then you just change or
clone the mac again
and then maybe ip & name #PREload into lmhosts to the original #DOM:group
to blast through the old wan's newest mac, add a route table entry....
so there's more than one way it would conflict - but its easy enuff to
change.
Anonymous
May 12, 2004 2:47:43 PM

Archived from groups: alt.internet.wireless (More info?)

lars@fake.com wrote:

> What if you clone your Mac adress to the router and later move
> your Nics or computers around, couldn?t that mess up the whole
> network?
>
> Could it not lead to two points on the network having the same
> adress?

Not likely, as the router port that has the cloned address, is on the other
side of the router, connected to your ISP. Nothing on your local network
will ever see that address from the router.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
May 12, 2004 2:48:49 PM

Archived from groups: alt.internet.wireless (More info?)

scram wrote:

>
>> What if you clone your Mac adress to the router and later move
>> your Nics or computers around, couldn´t that mess up the whole
>> network?
>
> That is the IP address on the wan port, so your cable provider sees the
> same IP as before you put the router in. All computers behind the router
> will appear to have the same IP.
>
>

No, it's the MAC address, so that the router appears as the original
computer, to the ISP. Otherwise, you may have to get the ISP to
reprovision for the new device.


--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
May 13, 2004 2:52:36 AM

Archived from groups: alt.internet.wireless (More info?)

On Wed, 12 May 2004 15:16:04 GMT, in alt.internet.wireless , "Ron Bandes"
<RunderscoreBandes @yah00.com> wrote:

>Duane,
>
>You are correct about the static IP address. If you configure your
>computer's NIC to a specific IP address outside the range of the pool, that
>is static. I'm just not sure why you want to do that.

For one thing, you might want your machines not to keep changing IP address
so that firewall permissioning worked and s/w locked to IP didnt fall over.

Its also a security measure - you block any MAC you don't recognise from
your router, and lock IPs to Macs so that any unknown IP is automatically
an invader.

IMHO its fairly standard practice to lock IPs eitehr by static assignment
or by DHCP but locking the IP to the MAC.
--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html&gt;
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc...;


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---
Anonymous
May 13, 2004 2:53:01 AM

Archived from groups: alt.internet.wireless (More info?)

On Wed, 12 May 2004 01:16:22 +0200, in alt.internet.wireless ,
lars@fake.com wrote:

>What if you clone your Mac adress to the router and later move
>your Nics or computers around, couldn´t that mess up the whole
>network?

The Router has 2 macs, one external facing the ISP, and one internal facing
your network.

>Could it not lead to two points on the network having the same
>adress?

Nope.
--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html&gt;
CLC readme: <http://www.angelfire.com/ms3/bchambless0/welcome_to_clc...;


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---
Anonymous
May 13, 2004 3:48:02 AM

Archived from groups: alt.internet.wireless (More info?)

Mark McIntyre <markmcintyre@spamcop.net> wrote in
news:k075a01vqj2gl90mspj0qme0spmbl0aqti@4ax.com:

> On Wed, 12 May 2004 15:16:04 GMT, in alt.internet.wireless , "Ron
> Bandes" <RunderscoreBandes @yah00.com> wrote:
>
>>Duane,
>>
>>You are correct about the static IP address. If you configure your
>>computer's NIC to a specific IP address outside the range of the pool,
>>that is static. I'm just not sure why you want to do that.
>
> For one thing, you might want your machines not to keep changing IP
> address so that firewall permissioning worked and s/w locked to IP
> didnt fall over.
>
> Its also a security measure - you block any MAC you don't recognise
> from your router, and lock IPs to Macs so that any unknown IP is
> automatically an invader.
>
> IMHO its fairly standard practice to lock IPs eitehr by static
> assignment or by DHCP but locking the IP to the MAC.

The reason being for me is if I need ports 20 and 21 to be port forwarded
to the machine that has the FTP service running, then I don't want to use
a DHCP IP that has the chance of the IP pointing to another machine that
doesn't have the service running.

Duane :) 
Anonymous
May 13, 2004 8:22:26 AM

Archived from groups: alt.internet.wireless (More info?)

"Ron Bandes" <RunderscoreBandes @yah00.com> wrote in
news:Ucroc.34921$CC4.13115464@news4.srv.hcvlny.cv.net:

>
> I'm unfamiliar with the practice of putting a dummy IP address in the
> router's DMZ config. I would expect that to make matters worse, but I
> have no empirical evidence of that. With no DMZ address defined, the
> router should immediately discard packets for which it has no
> destination. With a dummy DMZ address, the router would attempt
> delivery to a device that doesn't exist and won't respond. The router
> will have to wait for these attempts to time-out before the router can
> be sure that delivery is impossible. Does that sound like what's
> happening?

I don't know. The router doesn't seem to have any issues with putting the
dummy IP into the DMZ and the port forwading of 113 as well.

>
> AFAIK, the only way a port can show as open is if some computer
> (including routers) accepts the request for a connection.
> Technically, this means that the scanning computer sends a TCP segment
> (segment is the name we give to packets at the Transport layer) with
> the destination port set to the port number to be scanned, the SYN
> (synchronize) flag turned on, and the ACK (acknowledge) flag turned
> off. The SYN flag says "you've never gotten a segment from me before
> on this connection," and the ACK flag being off says "I've never
> gotten a segment from you before on this connection." This
> combination is a request for a new connection. The computer receiving
> this request will reply in the affirmative only if it has a program
> running that is waiting to accept and process messages coming in on
> this port; this is what it means for a port to be open. If the port
> is open, the request is accepted by responding with a segment having
> the SOURCE port set to the number being scanned, the SYN flag is on
> (since this is the first segment in this direction on this connection)
> and the ACK flag turned on (since a prior segment [the request] was
> received). If the port was closed (so the IP address was found, but
> no program was running on that computer waiting for messages to this
> port) then the computer would respond with a TCP segment having the
> RST (reset) flag turned on, saying that this connection should be
> terminated immediately. If the port is stealthed, then the computer
> receiving the request simply doesn't reply. The scanning computer
> must wait for its request to time out. If all ports are stealthed,
> then the scanning computer doesn't know if the computer exists. If
> even one port responds (open or closed) then the scanner can tell that
> the lack of responses on the other ports is caused by stealthing.
>

My point is I don't see the need to be running a stealth check on a
machine behind the router, since the router is going to stop the scans at
the gateway. The router is the stealth device in this situation. I also
don't see the need to protect the public IP or trying to hide in this
situation as well.

Thanks for the other info I just may take the IP out of the DMZ.

Duane :) 
!