Normally your switch will automatically learn MAC addresses and fill its MAC address table (CAM table) by looking at the source MAC address of incoming frames and flooding frames if it doesn’t know where to forward the frame.
This process is vulnerable to layer 2 MAC address spoofing attacks where an attacker spoofs a certain MAC address to change entries in the MAC address table. A really simple method to deal with this issue is to manually configure entries in the MAC address table, a static entry will always overrule dynamic entries. You can either specify the interface where the MAC address is located or tell the switch to drop the traffic.
Let’s look at an example!
To demonstrate this we only require two devices. A router to generate some traffic and a switch to look at (and configure) the MAC address table. Here’s the configuration:
Note: SPOTO is committed to sharing some useful, free and valuable study materials about the Cisco certification exam, and you can follow the SPOTO blog to get the latest exam information. fi you have any question, and you can contact us by clicking here:
More you may be interested:
1.Top 5 IT Certification for Networking Engineers 2019
2. Top 10 IT Certification for Networking Engineers Newbie
3. Top 3 IT Certification for Networking Engineers 2019