From: Anderson Alves (mota_anderson@hotmail.com)
Date: Sun May 04 2008 - 19:21:22 ART
Hi Rajakumar,
I would definitely change the standby mac-address on both routers to use
different mac-address each one of them.
Example:
R1:
Int fa0/0
Standby 1 mac-address 0000.0000.0001
Standby 1 ip address xx.xx.xx.xx
Standby 1 preempt
R2:
Int fa0/0
Standby 1 mac-address 0000.0000.0002
Standby 1 ip address xx.xx.xx.xx
Standby 1 preempt
On the switches sides, manually configure the new mac-address entries of the
HSRP.
HTH,
Anderson Mota Alves
CCIE3 #16778 (R/S, SP and Security)
Technical Instructor
http://www.netmetric-solutions.com
http://www.andersonalves.net
-----Mensaje original-----
De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] En nombre de
Rajakumar Ramasamy
Enviado el: Sunday, May 04, 2008 11:45 PM
Para: ccielab@groupstudy.com
Asunto: HSRP + Port Security
Hello,
I know the following methods to enable port-security on interfaces, which
are connected to routers where HSRP is configured.
Options 1:
switchport port-security
switchport port-security maximum 2
Option 2
Standby use-bia
switchport port-security
switchport port-security maximum 1
However instead of using the above options, I am trying the following since
my requirement is to retain the mac addresses when a switch reloads. I get
duplicate mac-address error message on the switch interface where Passive
router is connected.
SW1
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address <Active router MAC>
switchport port-security mac-address <Virtual mac-address>
SW2
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address <Passive router MAC>
switchport port-security mac-address <Virtual mac-address>
Duplicate mac-address found error message. How to resolve the above issue?
Thanks
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:15 ART