From: "Chris Knipe"
To: "Dragan Mickovic", "Z. Frazier"
Cc: "faSty", "Craig Miller"
Subject: Re: wierdness in my security report
Date: Thu, 18 Jul 2002 23:30:21 +0200
Organization: MegaLAN Corporate Networking Services
Message-ID: <00c601c22ea2$768eb9c0$fe01a8c0@genocide>
References: <20020718204203.GA71330@i-sphere.com> <20020718172507.A40165@verio.net>

Just FYI...

> therefore the MAC address will change. I don't know how they have it configured,
> but if the primary comes back to normal operation and has a higher priority
> than the secondary switch the RP will go back to using the primary switch
> and therefore will change the MAC address again.

The primary router has a priority lower than the secondaries (lowest available priority gets the virtual IP).

Routers running HSRP communicate HSRP information between each other, via HSRP hello packets. These packets are sent to the destination IP multicast address 224.0.0.2 (reserved multicast address used to communicate to all routers) on User Datagram Protocol (UDP) port 1985. These hello packets are sourced with the configured IP address on the interface and the burned-in MAC address of the interface, as opposed to the HSRP or virtual IP and MAC address. This use of source addressing is necessary so that HSRP routers can correctly identify each other.

The only exception to the above behavior is for Cisco 2500, 4000, and 4500 routers. These routers have Ethernet hardware that only recognizes a single MAC address. Therefore, these routers will use the HSRP MAC address when they are the active router, and their burned-in address for HSRP hello packets.

http://www.cisco.com/warp/public/473/62.shtml

Might be helpful. It explains how to understand and troubleshoot HSRP, and also gives a complete detailed explanation of how HSRP actually works (in much more depth than I just did here)...

--
me
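
An added example, not part of the original message or of the Cisco document it links to: a Python parser for the hello packets described above that records where a hello's source addressing differs from the interface IP and burned-in MAC the message describes. The HSRPv1 field layout and the 00:00:0c:07:ac:XX virtual MAC prefix are taken from RFC 2281 rather than from this message, and every address in the sample frames is constructed.

```python
import socket
import struct

HSRP_PORT, ALL_ROUTERS = 1985, "224.0.0.2"   # values stated in the message above
VMAC_PREFIX = bytes.fromhex("00000c07ac")    # HSRPv1 virtual MAC prefix (RFC 2281, not from the page)
STATES = {0: "Initial", 1: "Learn", 2: "Listen", 4: "Speak", 8: "Standby", 16: "Active"}
OPCODES = {0: "Hello", 1: "Coup", 2: "Resign"}

def parse_hsrp(frame):
    """Parse an Ethernet/IPv4/UDP frame; return HSRPv1 fields, or None if it is not HSRP."""
    if len(frame) < 14 + 20 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 17 or len(ip) < ihl + 8 + 20:
        return None
    dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    ver, op, state, _hello, _hold, prio, group = struct.unpack("!7B", ip[ihl + 8:ihl + 15])
    if dport != HSRP_PORT or ver != 0:
        return None
    info = {
        "src_mac": frame[6:12].hex(":"),
        "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
        "opcode": OPCODES.get(op, op), "state": STATES.get(state, state),
        "priority": prio, "group": group,
        "virtual_ip": socket.inet_ntoa(ip[ihl + 24:ihl + 28]),
        "notes": [],
    }
    if info["dst_ip"] != ALL_ROUTERS:
        info["notes"].append("not addressed to 224.0.0.2")
    if frame[6:12] == VMAC_PREFIX + bytes([group]):
        info["notes"].append("sourced from the group's virtual MAC, not a burned-in MAC")
    if info["src_ip"] == info["virtual_ip"]:
        info["notes"].append("sourced from the virtual IP, not the interface IP")
    return info

def build_sample(src_mac, src_ip, prio, state, group=1, vip="192.0.2.1"):
    """Constructed test frame (checksums left zero; parse_hsrp does not verify them)."""
    hsrp = struct.pack("!8B8s4s", 0, 0, state, 3, 10, prio, group, 0,
                       b"cisco\0\0\0", socket.inet_aton(vip))
    udp = struct.pack("!HHHH", HSRP_PORT, HSRP_PORT, 8 + len(hsrp), 0) + hsrp
    iph = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 1, 17, 0,
                      socket.inet_aton(src_ip), socket.inet_aton(ALL_ROUTERS))
    eth = bytes.fromhex("01005e000002") + bytes.fromhex(src_mac.replace(":", "")) + b"\x08\x00"
    return eth + iph + udp

if __name__ == "__main__":
    print(parse_hsrp(build_sample("00:d0:58:aa:bb:01", "192.0.2.2", 110, 16)))
    print(parse_hsrp(build_sample("00:00:0c:07:ac:01", "192.0.2.1", 100, 16)))
```

A note about the virtual MAC is not by itself a fault: the message above names Cisco 2500, 4000, and 4500 routers as an exception to the usual source addressing.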