RE: CAT 3550 port security aging??

From: Todd.Reagan@nokia.com
Date: Wed Oct 09 2002 - 09:39:38 GMT-3

• Next message: Kurt Kruegel: "Re: How to erase config on Set-based switch"
• Previous message: Larson, Chris: "RE: how to detect hidden ipx number"
• Maybe in reply to: Peter Whittle: "CAT 3550 port security aging??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Here is the information from Cisco.

Problem
A known quantity of Catalyst 3550 models contain a memory management
error that results in the corruption of the destination MAC address of
802.1d and 802.1w/802.1s Spanning Tree BPDUs. Consequently, Spanning
Tree BPDUs are not processed by the appropriate switches and cannot be
relied on to prevent network loops. The Spanning Tree Protocol must be
enabled and there must be a loop in the network that passes through the
affected Catalyst 3550 switch for this problem to occur. For more
information on the products affected, background, and problem symptoms
please see the external field notice at:
http://www.cisco.com/warp/customer/770/fn20553.shtml

The affected switches must be upgraded to 12.1(11)EA1 or any subsequent
release. This software image is posted on the software center at:
http://www.cisco.com/cgi-bin/tablebuild.pl/cat3550. You must be logged
into CCO to gain access to software images for the Catalyst 3550.

Todd

-----Original Message-----
From: ext ying c [mailto:bf5tgh1@yahoo.com]
Sent: 09 October, 2002 07:28
To: Reagan Todd (NBI/Dallas); peter@whittle-systems.demon.co.uk;
ccielab@groupstudy.com
Subject: RE: CAT 3550 port security aging??

Todd,

Thanks for pointing out the release. I probably should
read the release notes, but can you tell us which kind
of spanning-tree problem you are referring to?

Chang
--- Todd.Reagan@nokia.com wrote:
> Check your software version on the 3550, the aging
> command is in the
> 3550 with 12.1(9)EA1c that I have.
>
> I also know IOS 12.1(11)EA1 is out for the 3550
> which fixes a big
> spanning-tree problem...
>
> Todd
>
> -----Original Message-----
> From: ext Peter Whittle [mailto:peter@whittle-systems.demon.co.uk]
> Sent: 08 October, 2002 15:09
> To: CCIELab Studygroup
> Subject: CAT 3550 port security aging??
>
>
> One of the popular commercial lab scenarios has a
> section on CAT3550.
>
> It requires you to implement port-security tied to a
> particular NIC
> card.
>
> No problem
>
> "int fa0/1
> switchport port-security
> switchport port-security mac-address
> 0002.abcd.ef10
> "
>
> I hear you say.
>
> However, it goes on to require you to allow a new
> NIC to connect after
> xxx if it has not heard from the original NIC. ie to
> age out the port-
> security mac address.
>
> The solution suggests that there is a 'switchport
> port-security aging
> time xxxx' command. However, on the 3550 that I
> tried it on there is no
> such command!
>
> Nor is it documented on the March 2002 CD under the
> CAT3550.
>
> There is such an option for a CAT2924XL with recent
> firmware.
>
> Any Ideas?
>
> Thanks
>
> Peter
>
> --
> Peter Whittle

• Next message: Kurt Kruegel: "Re: How to erase config on Set-based switch"
• Previous message: Larson, Chris: "RE: how to detect hidden ipx number"
• Maybe in reply to: Peter Whittle: "CAT 3550 port security aging??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:43 GMT-3