Ethernet switches have a learning process through which they gradually begin to understand the network topology — which MAC address is behind which port. When seeing a port to send a frame with a certain source MAC address, the MAC address table is updated to indicate that the source MAC is behind the port that sent the packet.
Now, when moving a computer to another switch port, it typically after a while sends a frame that teaches the entire network its new location in the network. So, the network will eventually learn the new location of the computer.
My question is: do typical Ethernet switches have in addition to this MAC address re-learning a timeout for the MAC address entries in the table? This would be similar to the ARP table timeout in endpoint hosts. If so, what is the range of typical default values for MAC address timeout?
Best Answer
A typical timeout is 5 min (often called mac-aging). Re-learning MAC addresses can be dangerous in terms of security. On the other hand, when you disconnect your computer from the switch, all MACs associated with the port to which it was connected are flushed immediately; when you reconnect your computer (to the same or a different port), the switch can relearn the appropriate mapping.
Please be aware that, while this is typical behaviour, there are some switches configured to stick with a MAC once it was learnt (or to limit the number of MACs that can be dynamically learnt: once the limit is reached, manual intervention is required).