RE: Port-security - quick one ;-)

From: cindy tanner (cindy.a.tanner@gmail.com)
Date: Wed Jan 30 2008 - 00:50:09 ARST

• Next message: Santi: "RE: Multiple IEs"
• Previous message: Roman Rodichev: "RE: How i became CCIE -- caution Huge Post"
• Maybe in reply to: Darren Johnson: "Port-security - quick one ;-)"
• Next in thread: Gary Duncanson: "Re: Port-security - quick one ;-)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Just a quick add to the response below.

If you configure 'switchport port-sec max 5', Five macs will be dynamically
learned. If you reboot, they will be lost. However, if you add the
'sticky' command, they will stay after reboot.

Good Luck on the 21st!

Cindy

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Fang
Gao
Sent: Monday, January 28, 2008 9:41 PM
To: Darren Johnson
Cc: ccielab@groupstudy.com
Subject: Re: Port-security - quick one ;-)

Hi, Darren,

A static mac entry is saved in running-configure, as well as startup-config
if you copy runing to startup-config. It will not be lost after reboot.

I did the following at cat 3560.

interface FastEthernet0/20

 switchport mode access

 switchport port-security

 switchport port-security mac-address 0050.04fd.9f73

After reboot, the above configuration is still in Fa0/20.

 You can try it on your lab. It is simple.

HTH

Fang
On Jan 28, 2008 5:22 AM, Darren Johnson <dazza_johnson@yahoo.co.uk> wrote:

> Hey all. I'm stuggling to get me head around this. With port-security,
> if I configure a static mac entry (switchport port-security
> mac-address
> xxxx.xxxx.xxxx) then it is added to the running-config only - doesn't
> survive a reboot. With 'sticky' port-security, the dynamically learned
> MAC is added to the running config. However, this too will not survive
> a reboot.
> Therefore, whats the difference?!?
>
> With BOTH methods, you STILL NEED TO SAVE the RUNNING-CONFIG - or they
> are lost (of course the sticky will get re-learned). The only
> difference I can see between the two, is that:
> Sticky automatically adds the MAC address to running-config Static
> configuration requires manual entry of the MAC address to
> running-config
>
> Any thoughts/comments?
>
> Dazzler
>
> P.S. My lab is 21st Feb Brussells, anyone else out there that day?
>
>
>
> ___________________________________________________________
> Inbox full of spam? Get leading spam protection and 1GB storage with
> All New Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Santi: "RE: Multiple IEs"
• Previous message: Roman Rodichev: "RE: How i became CCIE -- caution Huge Post"
• Maybe in reply to: Darren Johnson: "Port-security - quick one ;-)"
• Next in thread: Gary Duncanson: "Re: Port-security - quick one ;-)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:38:02 ARST