Title: Packets Replicated
Hi, I have a packet capture and it appears that UDP packets are getting sent 8 times but I can confirm from the workstation that this is not the case. Perhaps the switch is reflecting the packets 8 times.
However, the more confusing question is that I can see the original source packet going to the correct destination but then after the first packet the source keeps the same IP address but the mac address changes to the mac of my switch. The source becomes Ethernet II, Src: Cisco_64:62:40
But of course, the IP address on the same packet is the IP of the original workstation that sent the packet.
Is it possible that there is no ARP going on from the workstation so the packet is just sent out all ports of the switch? If so, shouldn't the switch have the destination mac in its table and just switch the packet there? I ask because I have exactly 8 ports mirrored.
James
