Possible Duplicate:
Can duplicate MAC addresses on same LAN cause trouble?
What happens to network traffic on a switched LAN if two devices have the same MAC (probably because one is cloning the other). This is probably a static IP network instead of DHCP. If someone sends to that MAC, would it go to both computers? If one of those computers sends to a third computer, everything should be normal? Or maybe the ACK messages won't make it back? Thanks!
It's going to be dependent on the switch in use by the hosts in question. The hosts themselves have no awareness of the infrastructure to which they're connected and don't know which switch port the destination hosts are connected to. How exactly the switch handles the same MAC address registered on different ports is a matter for the particular switch in use. My guess is that the switch will forward the traffic to both hosts.
I disagree that there will be an ARP storm. ARP is used to resolve IP addresses to MAC addresses. Your scenario doesn't suggest that IP to MAC resolution is going to break, only that 2 different IP addresses are going to be resolved to the same MAC address, which isn't in and of itself a problem as a single host may have multiple IP addresses. Your case is that 2 different hosts with different IP addresses may have the same MAC address, so packets may be misforwarded but that won't cause an ARP storm.
A switch learns MAC addresses. Once it sees an address coming from a port, it will direct the traffic for this address only to this specific port.
In your case this means the two hosts will see only part of the traffic, depending which host sent the "latest" packet. The result will be very ugly networking problems. Do not expect the switch to handle this situation: MAC addresses are supposed to be worldwide unique.
A hub may work -- they simply spit out the packets on all ports except the one where it came in -- but these are very rare for 100MBit and non-existent for Gigabit. And of course half-duplex.
This is a common problem with a terminal that we manufacture. It has no MAC address burned into the hardware and spoofs one on first boot. One of the problems we have is that the address is (supposedly random) generated by the system clock but if the terminal hasn't been tested it will boot with all ones (as in 11/11/11/ time 11.11) and create the same MAC address. Two points here 1) an OUI is an International physical address so the reply above that all MAC addresses are internationally unique is not correct. And 2) in my experience I have found issues that vary from an ARP storm on a small network switch with auto negotiation on a class C only network to no more than not being able to resolve the address (the ARP) despite the terminals having different IP addresses.
Also a hub would not work. Although a hub has no requirement for the physical address you still have an argument that cannot be resolved. ie: you cannot, ever, under any circumstances, have the same physical address on the same network or domain. The whole point of the MAC address is to know where to send the signal.
Also this isn't a case of two objects in the same space and time because that isn't how medium access works. The problem is no ARP return so although Joe Qwerty is largely correct the proposition that a single host can have mutliple IP addresses is ambiguous. A host can have multiple NIC's and that would mean multiple IP's and multiple MAC's. Maybe he means multiple IP's on a single NIC but actually although that is possible you can only use one IP address at a time but yes they would both have the same MAC but they wouldn't both be online at the same time. Also if the host had multiple NIC's they would be multiple hosts.
Back to your question - if one host is cloning the others MAC can you not change the MAC using a DoS prompt? What is the hardware? Many years ago with cable broadband you had to clone your NIC to the modem and that didnt matter because the MAC is an external physical address and not used in the local host network so there is no conflict to begin with
bit off topic I know but wanted to address the errors in the above answers (apart from Joe qwerty that is)
What happens? What do you think happens? What happens when two objects try to occupy the same point in space-time?
There is unrelieved chaos on the network preceded by an ARP storm like unto the tornado that took out the St. Louis airport a couple of days ago.
What to do? Anything but that.
