Re: HSRP and BIA

From: akyccie (akyccie@gmail.com)
Date: Wed Jun 04 2008 - 12:21:49 ART

• Next message: Luan Nguyen: "RE: CCIE payrate in Los Angeles"
• Previous message: Gregory Gombas: "Re: CCIE payrate in Los Angeles"
• Maybe in reply to: Mike Haddad: "HSRP and BIA"
• Next in thread: Amir.Tahir/Wateen/Lahore: "RE: HSRP and BIA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Just going through the workaround given in below url. What if you are not
allowed to use "standby use-bia"
Workaround

  a.. Issue the standby use-bia command on the routers. This forces the
routers to use a burned-in address for HSRP instead of the virtual MAC
address.

  b.. Disable port security on the switch ports that connect to the HSRP
enabled routers.

aky

----- Original Message -----
From: "itsfortarget iwillgetit" <itsfortarget@gmail.com>
To: "Mike Haddad" <mike.haddad@hotmail.com>
Cc: <ccielab@groupstudy.com>
Sent: Wednesday, June 04, 2008 1:24 AM
Subject: Re: HSRP and BIA

> HELLO,
>
>
>
> When port security is configured on the switch ports that are connected to
> the HSRP enabled routers, it causes a MAC violation, since you cannot have
> the same secure MAC address on more than one interface. A security
> violation
> occurs on a secure port in one of these situations:
>
> -
>
> The maximum number of secure MAC addresses is added to the address
> table,
> and a station whose MAC address is not in the address table attempts to
> access the interface.
> -
>
> An address that is learned or configured on one secure interface is seen
> on another secure interface in the same VLAN.
>
> By default, a port security violation causes the switch interface to
> become
> error-disabled and to shutdown immediately, which blocks the HSRP status
> messages between the routers.
> http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml#topic5
>
> On Tue, Jun 3, 2008 at 8:59 AM, Mike Haddad <mike.haddad@hotmail.com>
> wrote:
>
>> Hello,
>>
>> When the question says do not use the BIA address for HSRP. Isn't it the
>> default behavior of HSRP?
>>
>> Thanks in advance,
>> Regards,
>>
>> _________________________________________________________________
>>
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Luan Nguyen: "RE: CCIE payrate in Los Angeles"
• Previous message: Gregory Gombas: "Re: CCIE payrate in Los Angeles"
• Maybe in reply to: Mike Haddad: "HSRP and BIA"
• Next in thread: Amir.Tahir/Wateen/Lahore: "RE: HSRP and BIA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:20 ART