From: ccie-study@bradbeck.net
Date: Thu Mar 04 2004 - 14:32:51 GMT-3
"Po1" indicates logical interface PortChannel 1. Two of your CAM entries were
learned from that interface.
Quoting "Fowlie, Colin" <Colin.Fowlie@aliant.ca>:
> Yup. That would be the port from where the switch sees that MAC address. It
> doesn't indicate that ARP is being permitted.
>
> HTH
> Colin
> -----Original Message-----
> From: alsontra@hotmail.com [mailto:alsontra@hotmail.com]
> Sent: Thursday, March 04, 2004 3:02 PM
> To: Fowlie, Colin; ccielab@groupstudy.com
> Subject: Re: 3550 mac-address-table - VACL
>
> Thanks Colin,
>
> So "Po1" simply means forwarding entry.
>
> Alsontra
>
>
> ----- Original Message -----
> From: "Fowlie, Colin" <Colin.Fowlie@aliant.ca>
> To: <alsontra@hotmail.com>; <ccielab@groupstudy.com>
> Sent: Thursday, March 04, 2004 8:51 AM
> Subject: RE: 3550 mac-address-table - VACL
>
>
> > What you're looking at is the mac-address-table. This is the forwarding
> table that is built by the switch. It is not an arp entry. The switch is
> simply creating the mac table entry based on the source MAC address of a
> frame received from the host on a particular port. This perfectly fine as
> long as the arp entries don't show up on R4 and R6.
> >
> > Colin
> >
> > -----Original Message-----
> > From: alsontra@hotmail.com [mailto:alsontra@hotmail.com]
> > Sent: Thursday, March 04, 2004 2:34 PM
> > To: ccielab@groupstudy.com
> > Subject: 3550 mac-address-table - VACL
> >
> > Group,
> > I've applied a vlan access-map that essentially denies arp
> requests
> > to any host on vlan 162. The access-map creates the desired effect with
> the
> > exception of the switch. I've rebooted and clear all dynamic entries a
> number
> > of times. Is this normal behavior?
> >
> > The 3550 gets an arp request, adds it to its local mac-addres-table, but
> will
> > not forward if a vlan access-map forbids the action?
> >
> > Topology:
> >
> > R6---SW2----R4
> >
> > VLAN map denies arp on vlan 162, which connects them. Although the
> devices
> > cannot arp through the 3550, the retains arp entries for both devices. Its
> not
> > a big deal because the vlan access-map is doing its job, it just a little
> > confusing to still see arp entries when you think arp is being denied.
> >
> >
> > SW1#
> > 162 000d.bc24.c80e DYNAMIC Po1
> > 162 0050.d15f.7420 DYNAMIC Po1
> > 162 00e0.1ece.4a68 DYNAMIC Fa0/24
> >
> > Thanks,
> > Alsontra
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:14 GMT-3