RE: switchport port-security LOGGING

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Wed Feb 02 2005 - 16:36:55 GMT-3


The logging buffer will be flushed upon reload; however, the
3550 does support logging directly to flash:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a0080115942.html#xtocid6

HTH,

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Balaji Siva
> Sent: Tuesday, February 01, 2005 4:53 PM
> To: null void
> Cc: ccielab@groupstudy.com
> Subject: Re: switchport port-security LOGGING
>
> Your understanding is correct. If a violation occurs, it would log a
> message but if you reload that would be gone and so is the violation
> state. You have to use say a syslog server to log messages if you
> want to see them later. Violation state (leading to err-disable)
> would be cleared on reload. Of course if the switch again learns more
> mac-address, it would log a violation and take appropriate action. Your
> saved config should be there as those have already been secured.
>
>
> On Tue, 1 Feb 2005 13:35:09 -0800 (PST), null void
> <nullv0idmain@yahoo.com> wrote:
> > I understand the concept of sticky keyword when using switchport
> > port-security... It permits you to learn mac addresses on that given
> > broadcast domain / vlan automagically and puts them to your
> > running-config ... So if you did a wri mem and the router reloaded
> > those same mac addresses would be there after the reload .. Is this
> > accurate ??? Then there is what to do if say your maximum allowed mac
> > address configuration is exceeded , do you know if one of these methods
> > would log to buffer so that if you reloaded the information pertaining
> > to if any violations occurred would be in that log... Say I had the
> > following:
> >
> > int f0/12
> > switchport mode access
> > switchport port-security
> > switchport port-security maximum 4
> > switchport port-security mac-address sticky
> > switchport port-security violation
> >
> > Say this is applied to int fast0/12 of both R1 and R2's lan interfaces
> > and they are running hsrp , with sticky will it 1 permit the hsrp well
> > known mac and count this as 1 of the mac addresses so now I have used 3
> > of my mac addresses 1 for hsrp active well known mac address and 1 each
> > for R1 and R2's lan ethernet interfaces .... So now if I write mem then
> > reload and say a violation occurred before I reloaded would I see the
> > violation in local buffer logging if enabled and my previously learned
> > mac addresses are still in use ??
> >
> >
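
The two ways this thread names for keeping port-security violation messages across a reload (logging to flash on the 3550, and a syslog server), shown beside buffer-only logging. This is an added configuration example, not from either poster; the file name, file sizes, the syslog address 192.0.2.10 and the `restrict` violation mode are assumptions chosen for illustration.

```cisco
! Added example, not from the thread. Values marked "assumed" are illustrative.
!
! Buffer-only logging: the buffer is flushed on reload, so violation
! messages recorded here do not survive it.
logging buffered 16384 informational
!
! Timestamps make the persisted messages usable after the fact.
service timestamps log datetime msec localtime
!
! Option 1: write messages to a file in flash.
! Syntax: logging file flash:<name> [max-size [min-size]] [severity]
! (file name and sizes assumed)
logging file flash:psecure.log 65536 4096 informational
!
! Option 2: send messages to a syslog server.
! (192.0.2.10 is a documentation address, assumed)
logging 192.0.2.10
logging trap informational
!
interface FastEthernet0/12
 switchport mode access
 switchport port-security
 switchport port-security maximum 4
 switchport port-security mac-address sticky
 ! Violation mode is assumed here. "protect" drops offending frames
 ! without any notification; "restrict" and "shutdown" log a message.
 switchport port-security violation restrict
!
! Sticky addresses are written to running-config only; save them so
! they are still secured after a reload (exec mode):
!   copy running-config startup-config
!
! Checks after a reload (exec mode):
!   show port-security interface FastEthernet0/12
!   show logging
!   more flash:psecure.log
```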



This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:16 GMT-3