Home / server / Questions / 535529
Accepted
claws
Asked: 2013-09-02 17:14:06 +0800 CST

Why do all computers on my network have the same MAC address?

  • 772

I'm on a LAN provided by an ISP. My computer has its IP address, Subnet Mask, Default Gateway, DNS Servers(using DHCP).

I just wanted to see the MAC addresses of all the computers on my LAN.

  1. After applying subnet mask /18 or 255.255.192.0 on my IP I got: 182.3.64.0
  2. Which gives me 16384 IP addresses ranging from 182.3.64.0 to 182.3.127.255
  3. First and last IP addresses cannot be used as they are Network address and Broadcast address respectively.
  4. So, My subnet or local network contains 16382 hosts/computers. Right? In other words these 16382 hosts are behind single router.

I want to see the mac addresses of these hosts. SO, I pinged all of them and the picture shows the result:

enter image description here

My thinking:

I didn't understand why they all have same Mac Address. But now if I think little bit more about it. 16382 hosts behind a single router means too much of broadcast traffic (ARP broadcast). Which is not desirable. At the same time they cannot be connected to different routers because that would mean they are on different networks. May be they are on different VLAN (I don't know much about VLAN but I just know that it helps reducing the broadcast traffic).

I don't understand what is my problem. Kindly identify what am I getting wrong?

EDIT: The MAC address I'm receiving is the MAC of my default gateway.

networking

2 Answers

  1. Best Answer

    There could be a lot of things going on here.

    In general, a subnet will not have as many nodes as it has possible node addresses. If there actually were enough hosts to fill an entire /18, you should be subnetting further, because the broadcast domain would in fact be too big.

    However, I don't think this is actually what is going on. I suspect that there is some layer 2 bridging going on here, or possibly someone is MAC spoofing. A layer 2 bridge might respond to ARP with its own mac address for any IPs on the opposite side of the bridge, particularly if the interface on the other side of the bridge uses a different addressing scheme.

    That said, scanning your upstream provider's subnets is generally something that should be avoided; it's often against the ToS and there is no valid operational reason for you to be doing it.

    • 7

  2. If your network is composed of more than one subnet and you try to scan a subnet that you don't belong to, all the possible ip addresses (nodes) will show in the scan as if they all existed and all have the same mac address as your router.

    I bet that the mac address in your console is the mac address of your router.

    Here is a question I asked about how to get the mac addresses from a different subnet.

    • 2