From: keith tokash (ktokash@hotmail.com)
Date: Wed Jan 30 2008 - 16:31:25 ARST
Port-security works on trunk ports as well according to the docs (link below,
haven't tried it yet, have to lab that up at home). Let me rephrase the
question.
Did Cisco just not bother to implement port-security interoperability with
DTP, or is there a specific reason that the two don't go together?
I can see that having port-security set on an edge port that gets flipped to a
trunk port would be a Bad Thing [TM], but maybe there's something really cool
that I don't even know about. ;)
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12
.2_40_se/configuration/guide/swtrafc.html#wp1038546
With a few exceptions, secrecy is deeply incompatible with democracy and with
science.
--Carl Sagan
Date: Wed, 30 Jan 2008 07:53:52 +0200
From: shiranp3@gmail.com
To: ktokash@hotmail.com
Subject: Re: DTP vs port-security
CC: ccielab@groupstudy.com
DTP = Dynamic Trunking Protocol
Port Security work only on ACCESS ports so it do not support and do not need
to support DTP, you must set the interface statically to Access Mode and
preferably also turn off the DTP with "Switchport nonegotiate"
On Jan 29, 2008 7:23 AM, keith tokash <ktokash@hotmail.com> wrote:
I get that port-security is incompatible with DTP, so one must manually
specify the interface mode. But I can't find anything relating why that's
the
case. I don't know, maybe I'm a doof, but I don't see a clear connection.
Can anyone help a fella who's down on his luck?
With a few exceptions, secrecy is deeply incompatible with democracy and with
science.
--Carl Sagan
This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:38:02 ARST