What’s MAC Flooding?

Print anything with Printful



MAC flooding disrupts network switches by flooding them with data packets, causing data to be sent to all ports instead of specific recipients. This is achieved by corrupting the translation table, which maps MAC addresses to physical ports. MAC flooding can compromise security and switches can be configured to prevent it.

MAC flooding is a method that can be used to affect the security protocols of different types of network switches. Essentially, MAC flooding floods the network switch with data packets that interrupt the normal flow of data from sender to receiver which is common with MAC addresses. The end result is that instead of data being transferred from a specific sender or port to a specific recipient, data is swept across all ports.

The basis of MAC flooding starts with a corruption of the translation table which is part of the network switch function. When working properly, the table will map to every single MAC address that is on the network. Each MAC address is associated with a physical port on the network switch. This approach allows you to designate a specific and unique termination point for data sent over the network.

By flooding the switch with packets of data, the translation table is thrown out and the connection between ports and specific MAC addresses is destroyed. Instead, all data destined for a single MAC address is now sent out on all ports associated with the network. This means that any type of data destined for a single address is received from multiple addresses.

Part of the process of stopping MAC flooding is creating a state where the switch’s memory capacity reserved for these point-to-point data transmissions is rapidly consumed. When the memory reserved for this type of transmission is no longer available, the messages spill over and the memory capacity used for group messages is used. At the same time, protocols for sending group messages come into play, which allow the message to be sent to multiple destination points.

MAC flooding can be a great way to gain access to all types of data, including system passwords, protected files, and even emails and instant messenger conversations. Because of the security risk posed by MAC flooding, many switches today can be configured to provide additional security to specific MAC addresses or even shut down the switch in the event that too much data is flooded into a given port.




Protect your devices with Threat Protection by NordVPN


Skip to content