Re: HSRP + PORT SECURITY

From: Leigh Harrison (ccileigh@gmail.com)
Date: Wed Apr 05 2006 - 05:11:37 GMT-3

• Next message: Petr Lapukhov: "Re: FRTS Theory Question"
• Previous message: Leigh Harrison: "Re: Poor-man's CCIE rack"
• Maybe in reply to: KC: "HSRP + PORT SECURITY"
• Next in thread: Chris Lewis: "Re: HSRP + PORT SECURITY"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hey there KC,

I've done this a few times. Rather than use sticky mac, I found it was
much better to type in the mac addresses for the ports and the virtual one.

LH

KC wrote:
> Very strange to me, I requested 3 times to people to give me the config. of
> HSRP Routers and Switch , but noone responded me with right solution . What
> happened to you guys, i am stuck , ehlp me , this is the i guess last
> question i am asking before lab
>
> On 4/4/06, KC <kanwal.chawla@gmail.com> wrote:
>
>> Hey Guys
>>
>> Whenever i configure this thing on one of Switchport, my both routers HSRP
>> came up in Active states, noone is going standby
>> switchport access vlan 10
>> switchport mode access
>> switchport port-security
>> switchport port-security maximum 2
>> switchport port-security mac-address sticky
>> switchport port-security mac-address sticky 0000.0c07.ac01
>> mac-address
>> switchport port-security mac-address sticky 0008.a3fc.a661
>>
>>
>> On 4/4/06, Chris Lewis <chrlewiscsco@gmail.com> wrote:
>>
>>> KC, I believe the answer to your question will only be found in the
>>> exact wording of the question, which can take many, many forms.
>>>
>>> If you use BIA there will only be one MAC address associated with each
>>> port, the downside of this is that traffic will be dropped as the switch
>>> moves that MAC address from one port to another. You can test this easily
>>> with an extended ping to the HSRP address, or to an address that is only
>>> reachable via the HSRP setup.
>>>
>>> Remember the lab has nothing to do with what makes sense from a
>>> deployment perspective, it is only tesing you on your ability to
>>>
> configure
>
>>> the equipment to do exactly what the question asks.
>>>
>>> Chris
>>>
>>> On 4/4/06, KC < kanwal.chawla@gmail.com> wrote:
>>>
>>>
>>>> Hey Guys,
>>>>
>>> I know this question has been discussed lots of time , but i just hve
>>> one
>>> doubt, If we use ((standby use-bia) command in HSRP with Port security ,
>>>
>>> Router will use its burnt-in address rather to typically HSRP virtual
>>> address. The problem is whenever standby router will become active,
>>> the virtual mac_Address will be moved to diffrent router. Will it be
>>> acceptable in Lab ??? Will the secodn router become active and failed
>>> router
>>> will become standby ???
>>>
>>> Any inputs please, i am clearifing becuase after 2 days i have a lab :D
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Petr Lapukhov: "Re: FRTS Theory Question"
• Previous message: Leigh Harrison: "Re: Poor-man's CCIE rack"
• Maybe in reply to: KC: "HSRP + PORT SECURITY"
• Next in thread: Chris Lewis: "Re: HSRP + PORT SECURITY"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon May 01 2006 - 11:41:56 GMT-3