Port security blowing up!

colin.armentor.ctr · ‎01-18-2008

Good afternoon,

I have a weird problem that just popped yesterday. We run port security on all of our switches ports connected to servers, the mac addresses are hard-coded on each server interface. Yesterday 8-10 ports on 3 different switches were shut down for port security at the same time. When looking at the port status the last-src-addr and the secure-src-address were still the correctly configured mac. The boxes are 6500s running cat6000-sup2k9.8-5-6.bin. The ports are on different blades and the NICs are from different manufacturers.

I ended up having to clear port security on all of the ports and enabling them again. Everything was good yesterday afternoon but I experienced the same problem again this morning.

Anyone else experience this problem? Any fix action?

Thanks in advance for any assistance!

Colin

noran01 · ‎01-18-2008

I am assuming, since they are servers, that the IP's are statically set (as well as duplex/speed), correct?

What are the functions of the servers affected? Do you run any kind of Virtual Machine on them? (vmware, ms, etc...). Do you manually apply windows updates (assuming they are MS boxes) or have auto-update turned off?

Hieu Cao · ‎01-18-2008

What messages do you see when you do "show log" in your switch?

You probably have port-security restriction set for "shutdown" upon port violation. Can you try "restrict" option. Also, what is the current mac-add limit set for each port?

When you said it happened again, were they the same ports that shutdown before? Are users hooking up unauthorized devices that you're aware of?

You might want to try out some of these commands:

no errdisable detect cause pagp-flap

no errdisable detect cause dtp-flap

no errdisable detect cause link-flap

no errdisable detect cause l2ptguard

HTH,

hieu