Skip navigation
Login   |   Register
Cisco Learning Home > Connections > Discussions


This Question is Answered 1 Helpful Answer available (2 pts)
7169 Views 2 Replies Latest reply: Dec 12, 2008 4:48 AM by Paul Stewart - CCIE Security RSS

Currently Being Moderated

source mac address

Dec 11, 2008 9:04 PM

Andrea 38 posts since
Aug 8, 2008


Hello can someone explain why when a router sends a packet to a host that is connected to a switch, the source mac address seen by the host pc is that of the router and not of the switch. Should 'nt the mac address change at every hop so why it is not doing the change when it passes through a switch






Thank you



  • Conwyn 9,657 posts since
    Sep 10, 2008
    Currently Being Moderated
    1. Dec 11, 2008 11:17 PM (in response to Andrea)
    Re: source mac address


    Hi Andrea



    The function of a switch is to join cables together. Hop is a routing concept.



    Regards Conwyn



    Join this discussion now: Login / Register
  • Paul Stewart  -  CCIE Security 7,568 posts since
    Jul 18, 2008
    Currently Being Moderated
    2. Dec 12, 2008 4:48 AM (in response to Andrea)
    Re: source mac address

    Switches utilize the layer two information but do not modify the mac address. This is similar to how routers utilize layer 3 (ip addresses) but do not modify it. The only exception would be if you were layer two bridging where the layer two addressing were not compatible (i.e token ring is not exactly compatible to ethernet).






    So a more accurate way to look at this in general, is a layer 3 device, inspects the packet at layer 3 so it knows what to do with it. However, the layer three information will remain constant. Obviously layers one and two will have to be rebuilt based on the exit interface and the next hop. In a routed case, you have a datagram (layer 3 terminology) going from host A to host B. That datagram will remain constant even though it passes through multiple routers. However in this case, each router will rebuild the frame (layer 2) that carries the datagram.




    In a switching situation, you have a datagram going from one host two another This same datagram is encapsulated into a frame. The frame should only change as it traverses an incompatible layer 2 device (maybe a source route translational bridge for token ring) or a layer three device. The question as to why this doesn't change as it passes through a switch is similar to asking why an IP address doesn't change as it passes through a router. IP addresses are for end to end deliver (within the context of layer 3), and MAC addresses are for end to end delivery (within the context of layer 2). There may be multiple layer two domains and while each will likely have different mac addressing, that addressing will remain constant while the frame is in that layer two domain.



    Another thing to consider. Concerning the CAM table in a switch, think about the trunk purts. If as a frame passed through a switch, the mac source was changed to that of the switch it would cause incomplete cam tables in the adjacent switch. Basically, each switch would only know about directly connected hosts and the cam entryies for the trunk port would only report the mac address of the adjacent switch. In that case, frames that are non-local to the switch would be flooded and our switches would act a lot like hubs.

    Join this discussion now: Login / Register


More Like This

  • Retrieving data ...

Bookmarked By (0)