RE: MAC & IP ADDRESS RESERVATION IN LAYER 2 SWITCH

From: Chuck Church (cchurch@xxxxxxxxxxxx)
Date: Mon May 27 2002 - 13:21:39 GMT-3

• Next message: JULIO CESAR GARCIA ALCANTAR: "Re: can portfast run on a trunk port?"
• Previous message: Michael Snyder: "Anyone Using 827-4V in their Lab? It has four FXS ports built in."
• Maybe in reply to: jfaure@xxxxxxxxxx: "MAC & IP ADDRESS RESERVATION IN LAYER 2 SWITCH"
• Next in thread: alain faure: "RE: MAC & IP ADDRESS RESERVATION IN LAYER 2 SWITCH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Juan,

        What problem are you trying to solve here? Since it's a layer 2
switch, it only uses ARP to facilitate remote devices talking to it's
management interface. So if you're trying to limit who can get to SC0, why
not just use 'set ip permit'? If you want to make sure that 'permitted' IP
address always has the same port and MAC, you can set the cam and arp
entries to permanent, which will survive resets. And port security might
help as well. I know all these options exist on CATOS 6.3 on 4000 series,
not sure about other codes or models. HTH.

Chuck Church
CCIE #8776, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
jfaure@sztele.com
Sent: Monday, May 27, 2002 10:47 AM
To: ccielab@groupstudy.com
Subject: MAC & IP ADDRESS RESERVATION IN LAYER 2 SWITCH

Hi Guys!

I'm wondering how can I reserve a Mac ADDRESS and an IP address (the two
conditions) to a specific Catalyst layer 2 switch port. I know you can set
a permanent or static entry in the CAM table of it, but the problem is to
reserve the IP address too, to only permit that a PC with this MAC and this
IP can connect to the switch by this specific port.

I've seen that you can "edit" the ARP table of the switch, and you can set
an ARP entry too. The problem is that if you don't stablish the aging-time
to infinite, this entry (that would link the MAC address and the IP address
I need) will be deleted. Then, if I stablisht the aging-time to infinite,
the switch don't relearns the macs (I think) and then it can be a problem
if you translate some equipment from a Catalyst port to another one.

Do you know any way to do so, or do you think this is the right way to
solve this?

Regards

Juan Faure Ferrer
email: jfaure@sztele.com

Lmnea de Negocio de Telematica y CC
Ingeniero de Integracisn de Redes y Sistemas
----------------------------------------------------------------------------

SOLUZIONA TELECOMUNICACIONES
Servicios Profesionales de UNION FENOSA
Jerez, 3
28016 MADRID
tel 91 579 30 00 fax 91 350 72 83
---------------------------------------------------------------------------

• Next message: JULIO CESAR GARCIA ALCANTAR: "Re: can portfast run on a trunk port?"
• Previous message: Michael Snyder: "Anyone Using 827-4V in their Lab? It has four FXS ports built in."
• Maybe in reply to: jfaure@xxxxxxxxxx: "MAC & IP ADDRESS RESERVATION IN LAYER 2 SWITCH"
• Next in thread: alain faure: "RE: MAC & IP ADDRESS RESERVATION IN LAYER 2 SWITCH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:10 GMT-3