[c-nsp] protecting router MAC addresses

Dale W. Carder dwcarder at doit.wisc.edu
Wed Oct 13 21:28:20 EDT 2004

On Oct 13, 2004, at 7:56 AM, lee.e.rian at census.gov wrote:
> what happens if we have a malicious user intentionally spoofing
> the HSRP MAC

The "good news" is that HSRP will generate syslog messages when
someone else is using its IP address.  It will also generate this
log if there is a network loop and a HSRP router hears its own

Stealing the mac address of the router is a known problem of ethernet
networks.  A good article to read about this is:

One solution would be to put mac address ACL's on edge ports, if you
have that capability.  Or you could put static mac address entries on
your access switches.


Dale W. Carder
Network Engineer
University of Wisconsin at Madison

More information about the cisco-nsp mailing list