RE: Re¡G Port-security mac-address vs. mac-address sti

From: Scott Morris (smorris@ipexpert.com)
Date: Wed Jan 02 2008 - 14:21:36 ARST

• Next message: Salau, Yemi: "RE: bootstrap router filtering RP"
• Previous message: Ken Young: "OT: ACS Group/filtering Question"
• Next in thread: Scott Morris: "RE: Re¡G Port-security mac-address vs. mac-address sti"
• Maybe reply: Scott Morris: "RE: Re¡G Port-security mac-address vs. mac-address sti"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The "switchport port-security mac-address" command only enters the MAC in
the RUNNING table (e.g. nothing in "show run"). if you want it to survive
reboot and show up in your config, you have to use sticky. Sticky will work
for both static AND dynamic entries.

Look at "show run" versus "show port-security". :)

HTH,

Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE-M
#153, JNCIS-ER, CISSP, et al.
CCSI/JNCI-M/JNCI-ER
VP - Technical Training - IPexpert, Inc.
IPexpert Sr. Technical Instructor

A Cisco Learning Partner - We Accept Learning Credits!

smorris@ipexpert.com

Telephone: +1.810.326.1444
Fax: +1.810.454.0130
http://www.ipexpert.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Chan
Hong
Sent: Wednesday, January 02, 2008 11:03 AM
To: Eric Phillips; ccielab@groupstudy.com
Subject: Re!G Port-security mac-address vs. mac-address sticky?

I saw something similar in IPExpert lab. Please someone explain or post some
reference link, thanks.

----- 6l%s-l%s ----
1H%s$H!R Eric Phillips
<eric@phillips.tc>
&,%s$H ccielab@groupstudy.com
6G0e$i4A!R 2008 &~ 1$k 2 $i
,P4A$T $U$H 8:24:22
%DCD!G Port-security mac-address vs. mac-address sticky?
Hey all,

I understand that with port-security the sticky command allows the switch to
dynamically learn MAC addresses and save them to the running config as
"switchport port-security mac-address sticky 0000.000c.0001" as an example.
What I was curious though is in all the books and CBTs I have seen, the
author/instructor always manually enters MAC addresses using the sticky
command, not just "switchport port-security mac-address 0000.000c.0001."

If
you are manually configuring the MAC addresses for port-security, is there
any difference between:
switchport port-security mac-address 0000.000c.0001 and
switchport port-security mac-address sticky 0000.000c.0001?

In my testing I
do not seem to see any difference, so I am curious if anyone knows of a
difference, or are they the same if you are manually configuring the MAC
addresses?

Thanks,

Eric

--
Eric M. Phillips
Senior Network Consultant
LTI Information Technology    http://www.ltiit.com
501 Avis Drive
Ann Arbor, MI  48108
Phone: (734) 929-1400  Fax: (734)
929-1401

• Next message: Salau, Yemi: "RE: bootstrap router filtering RP"
• Previous message: Ken Young: "OT: ACS Group/filtering Question"
• Next in thread: Scott Morris: "RE: Re¡G Port-security mac-address vs. mac-address sti"
• Maybe reply: Scott Morris: "RE: Re¡G Port-security mac-address vs. mac-address sti"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:37:57 ARST