By default, switches dynamically learn the MAC addresses of connected devices and store them in the CAM (Content Addressable Memory) table by looking at the source MAC address of incoming frames. However, this process is vulnerable to layer 2 MAC address spoofing attacks, where an attacker can easily spoof a few MAC addresses to change entries in the MAC address table. To mitigate this problem, we can manually configure entries in the MAC address table, known as static MAC addresses, which will always override dynamic entries.
Here's how to configure static MAC address table entries:
Topology:
Configure the topology as per the provided diagram.
Configure the IP addresses as per the topology.
Configure IP addresses on the PC as per the topology.
Ping from PC1 to all the PCs.
Configure static MAC addresses.
Router Configuration:
Router(config)#interface gigabitEthernet 0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Switch Configuration:
Switch(config)#interface vlan 1
Switch(config-if)#ip address 192.168.1.2 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
PC Configuration:
C:\>ping 192.168.1.4
C:\>ping 192.168.1.5
C:\>ping 192.168.1.6
C:\>ping 192.168.1.7
C:\>ping 192.168.1.8
C:\>ping 192.168.1.9
C:\>ping 192.168.1.10
C:\>ping 192.168.1.11
Verify the Configuration:
Router#ping 192.168.1.2
Switch#show mac address-table
The above configuration will establish a static MAC address table entry, making the network more secure against MAC address spoofing attacks.