AnsweredAssumed Answered

MAC Address problem

Question asked by exw32-pica on May 22, 2015
Latest reply on May 25, 2015 by exw32-pica

Hello,

 

 

 

Thanks for taking the time to read my message!

 

 

I know this is a strange place to announce a Checkpoint related problem, however it seems to be a L2 problem, so that's why i post in the "enterprise switching" section. Additionally, for some reason I cannot post at the Checkpoint forum..

 

 

We have a cluster of two Checkpoint 13500 FW's. And we are experiencing some strange behavior.

 

 

 

We have a Cisco switch with port 20 connected directly to a test client in VLAN 900. FW1 is connected to port 21 and FW2 is connected to port 22. All in VLAN 900. The FW's run VRRP. The FW's are default gateway for the clients in VLAN 900.

 

 

 

The MAC adress of the client is AA.AA.A2.00.00.00. So looking at the MAC table of the switch, I see client AA.AA.A2.00.00.00 on port 20. But now the strange thing... for this client, I also see a slightly altered MAC address in the MAC address table, sourced from port 21 (FW1). So the MAC table shows:

 

 

 

AA.AA.A2.00.00.00 interface 20

 

AA.AA.A1.00.00.00 interface 21

 

 

 

This strange altering of MAC addresses is seen for all clients, sourced from interface 20. So for example:

 

 

 

AA.AA.A2.00.00.00 interface 20

 

BB.BB.B2.00.00.00 interface 20

 

CC.CC.C2.00.00.00 interface 20

 

AA.AA.A1.00.00.00 interface 21

 

BB.BB.B1.00.00.00 interface 21

 

CC.CC.C1.00.00.00 interface 21

 

 

 

All addresses with a "2" in it are 'real' addresses. All addresses with a "1" in it are altered addresses, sourced by FW1.

 

 

 

Anybody seen this behavior before???

 

 

 

Thank you very much for your reply!

 

 

 

Lody

 

Outcomes