From: Shaikh, Nasir (Nasir.Shaikh@atosorigin.com)
Date: Fri Mar 10 2006 - 12:47:18 GMT-3
Hi,
Or you could configure the max allowed mac-addresses on the switch ports to
2.
kind regards
Nash
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Bangerter, Markus
Sent: donderdag 9 maart 2006 17:07
To: ccielab@groupstudy.com
Subject: RE: HSRP and sw port-security
Hi
I have tested the scenario in my lab.
r1 connected to sw1, r2 connected to sw2: trunk between switches.
HSRP virtual-mac and port-security will not work together, since
Port-security adds the configured mac-addresses to the mac-addr-table
on both switches --> duplicate mac-address.
I have done it with the use-bia command in hsrp.
!
standby use-bia
standby version 2
standby 56 ip 192.168.56.1
standby 56 priority 20
standby 56 preempt
!
To me, this is the only working scenario in combination with
Port-security enable on the switchports.
Any comments to my assumption ?
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Quetta Walla
Sent: Samstag, 25. Februar 2006 15:08
To: Ice Fire; ccielab@groupstudy.com
Subject: RE: HSRP and sw port-security
Virtual mac is 0000.0c07.ac00. So even if hardcode it on both r1 and r2,
again the switch is going to learn the same mac 0000.0c07.ac00 on 2
different ports or ports that are in the same broadcast domain...even if
r1 is conencted to sw1 and r2 to sw2 in the same vlan...its still the
same case...ping stops when HSRP active router changes...
With sticky option, it will work only till the active router
changes...because then the the port is going to learn the same virtual
mac on the port that just became HSRP active, right?
With sw port-security againg static...the min aging time is 1 min.
Any comments...
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:38 GMT-3