Date: Thu, 18 Jul 2002 23:30:21 +0200 From: "Chris Knipe" <savage@savage.za.org> To: "Dragan Mickovic" <dmickovic@verio.net>, "Z. Frazier" <zfrazier@u.washington.edu> Cc: "faSty" <fasty@i-sphere.com>, "Craig Miller" <craig@millerfam.net>, <freebsd-security@freebsd.org> Subject: Re: wierdness in my security report Message-ID: <00c601c22ea2$768eb9c0$fe01a8c0@genocide> References: <20020718204203.GA71330@i-sphere.com> <Pine.A41.4.44.0207181347360.100196-100000@dante35.u.washington.edu> <20020718172507.A40165@verio.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Just FYI... > there for the MAC address will change. I don't know how they have it configured, > but if the primary comes back to normal operation and has a higher prioraty > than the secondary switch the RP will go back to using the primary switch > and there for will change the MAC address again. The primary router has a priority lower than the secondaries (lowest available priority gets the virtual IP). <From Cisco> Routers running HSRP communicate HSRP information between each other, via HSRP hello packets. These packets are sent to the destination IP multicast address 224.0.0.2 (reserved multicast address used to communicate to all routers) on User Datagram Protocol (UDP) port 1985. These hello packets are sourced with the configured IP address on the interface and the burned-in MAC address of the interface, as opposed to the HSRP or virtual IP and MAC address. This use of source addressing is necessary so that HSRP routers can correctly identify each other. The only exception to the above behavior is for Cisco 2500, 4000, and 4500 routers. These routers have Ethernet hardware that only recognizes a single MAC address. Therefore, these routers will use the HSRP MAC address when they are the active router, and their burned-in address for HSRP hello packets. </SNIP> http://www.cisco.com/warp/public/473/62.shtml Might be helpfull. It explains how to understand and troubleshoot HSRP, and also gives a complete detailed explanation of how HSRP actually works (in much more depth than I just did here)... -- me To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00c601c22ea2$768eb9c0$fe01a8c0>