Duplicate MAC address on the same LAN possible?

Solution 1:

It's possible for two hosts to have the same MAC, due to spoofing, a mistake during manufacturing, or willful negligence on the part of the manufacturer. So,

1) In general, an Ethernet switch keeps a table of which MAC addresses are attached to which ports. It bases this table on the source address of frames it receives during the normal operation of the network. Upon receiving any frame, the source MAC is read and compared with the current switching table, and then added alongside whichever switchport it was received on.

So if there are two hosts, both with the same MAC address, then the switch will update its MAC table every time it receives a frame from either host. The reachability of either host will flap on and off and be inconsistent.

2) Short answer: no. Duplicate MAC addresses will not trigger any sort of security problem in an unmanaged switch (a switch without configuration software), or a managed switch (like most Cisco/HP/Junipers) that has not been configured for port security. Managed switches will give you a warning printed in the console terminal if they detect a duplicate MAC (a MAC that 'exists' on multiple switchports), but by default they won't "do anything" about it AFAIK.

If you want to use port security options on a managed switch, you can do stuff like only allow 1 MAC address per switchport. The MAC address will be learned dynamically by the switch (like it usually learns MACs), but the difference is that once it is learned, it is bound to that switchport. Then, if the switch receives frames from a duplicate MAC on another switchport, it can place that port into a disabled state (shut it down.)

You mentioned deauthentication in your question. The port security feature of some switches is different from "deauthentication"-- it is deauthorization. They are similar but the difference is important; look up authentication vs. authorization.

3) Duplicate MACs will not cause collisions. Collisions are the result of a shared electrical bus. It is more of a race condition, although I haven't heard it referred to like that before. Remember, duplicate MACs are "allowed", as far as any out-of-the-box Ethernet switch is concerned-- they just cause a problem that will interrupt network connectivity to each host in question. The problem is a constantly changing switching table.
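The learning behaviour described in this answer can be reproduced with a small simulation. This is an added example, not code from the answer or from any switch vendor; the `Switch` class, its method names and the sample frames are assumptions made for illustration, and the model ignores entry aging and VLANs. It shows the table entry for a duplicated MAC moving between ports by default, and the one-MAC-per-binding port security behaviour shutting down the second port instead.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    """Toy learning switch (added example, not any vendor's implementation)."""
    port_security: bool = False   # bind each learned MAC to its first port
    table: dict = field(default_factory=dict)    # MAC -> port
    disabled: set = field(default_factory=set)   # ports shut by port security
    moves: list = field(default_factory=list)    # (mac, old_port, new_port)

    def receive(self, port, src_mac):
        """Process one frame's source address; return what the switch did."""
        mac = src_mac.lower()
        if port in self.disabled:
            return "dropped"
        known = self.table.get(mac)
        if known is None:
            self.table[mac] = port
            return "learned"
        if known == port:
            return "refreshed"
        if self.port_security:
            self.disabled.add(port)   # MAC is bound elsewhere: shut this port
            return "violation"
        self.moves.append((mac, known, port))   # default: last frame wins
        self.table[mac] = port
        return "moved"

    def egress_port(self, dst_mac):
        """Port a unicast frame to dst_mac leaves on (None means flood)."""
        return self.table.get(dst_mac.lower())

def flapping_macs(switch, threshold=2):
    """MACs whose table entry changed port at least `threshold` times."""
    counts = {}
    for mac, _, _ in switch.moves:
        counts[mac] = counts.get(mac, 0) + 1
    return sorted(m for m, n in counts.items() if n >= threshold)

# Constructed traffic: ports 1 and 2 share one MAC, port 3 has its own.
DUP, OTHER = "02:00:00:00:00:aa", "02:00:00:00:00:bb"
FRAMES = [(1, DUP), (3, OTHER), (2, DUP), (1, DUP), (2, DUP)]

def replay(port_security):
    sw = Switch(port_security=port_security)
    return sw, [sw.receive(p, m) for p, m in FRAMES]

if __name__ == "__main__":
    print(replay(False)[1], replay(True)[1])
```

Counting moves per MAC, as `flapping_macs` does, is the same signal a managed switch reports when it warns about a MAC seen on multiple switchports.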

Solution 2:

Answers to your question:

  1. YES it is possible, and NO you'll not have consistent contact.

  2. You might...the administrator might see the problem and disable the ports on the switch.

  3. What I encountered was with two systems with the same MAC address connected to the same switch, and what I noticed was that networking would work with the LAST system to send out Ethernet packets being selected. So it was when one system worked the other one didn't...quite amusing and puzzling to me until the networking guy pointed out the problem.