Static MAC Address Table Entry

Lessons Discussion
22

Hello Azm

The MAC address you see in the output of the show interface command is the MAC address of the switch’s physical port. Conversely the MAC addresses that populate the MAC Address Table are those of the devices connected to the switch. Cisco switches are designed to have a separate MAC address for each individual port. For example, on a 3650 production switch I have, I have the following MAC address that shows up on the show version output (I’ve changed it slightly for security reasons):

Base Ethernet MAC Address : 84:b2:61:aa:3d:00

This is called the base Ethernet MAC address. This is what is used for the bridge ID when STP functions as well as the MAC address announced in BPDUs. This switch has 48 Gigabit Ethernet Ports and four Uplink Gigabit Ethernet Ports. Specifically, their MAC addresses are:

GigabitEthernet 1/0/1:  84:b2:61:aa:3d:00
GigabitEthernet 1/0/2:  84:b2:61:aa:3d:01
GigabitEthernet 1/0/3:  84:b2:61:aa:3d:02
....                    ....
GigabitEthernet 1/0/48:  84:b2:61:aa:3d:30

(Remember MAC addresses are in Hexadecimal that’s why we end at 30 for the last two digits of the MAC address) The four uplink interfaces MAC addresses are as follows:

GigabitEthernet 1/1/1:  84:b2:61:aa:3d:31
GigabitEthernet 1/1/2:  84:b2:61:aa:3d:32
GigabitEthernet 1/1/3:  84:b2:61:aa:3d:33
GigabitEthernet 1/1/4:  84:b2:61:aa:3d:34

Notice how each interface has a MAC address equal to the Base MAC address plus the sequential number of the interface. It is also interesting to note that this switch has a management interface labelled GigabitEthernet 0/0 as well and this interface has the SAME MAC address as the base MAC address.

This is the way that Cisco has decided to manufacture its switches. Other manufacturers choose to keep the same MAC address on all interfaces. This can be made to work for both layer 2 and layer 3 switches, however, in my opinion, a distinct MAC address per interfaces is a much cleaner implementation.

Yes you are correct that the show mac address-table command should show a DYNAMIC MAC address and not STATIC one. STATIC will show up if you have configured a static entry in the MAC address table OR if you have configured a MAC address on the port using port security. Also check to see if the port security is configured with sticky MAC addresses. I haven’t been able to test to see if sticky MAC addresses show up as a STATIC MAC Address table entry or dynamic, but you can test it out.

I hope this has been helpful for you!

Laz

1 Like