IP Source Guard BUG or Poor documentation?

Unanswered Question
May 22nd, 2008

I'm using 3750G switches in my network and have a few server NIC Teamed to the 3750G stack with LACP.

I read under http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/3750SCG.pdf

that "IP source guard is not supported on EtherChannels."

But when I go to the Port-channel interface for my LACP bond, I am able to setup IP Source Guard and it shows active .

interface Port-channel1

description "LACP to xxxx g1/0/1 & g2/0/1"

switchport access vlan 20

switchport mode access

spanning-tree portfast

spanning-tree bpduguard enable

ip verify source


ip source binding 0019.B9EA.xxxx vlan 20 interface port-channel 1

show ip verify source

Interface Filter-type Filter-mode IP-address Mac-address Vlan

--------- ----------- ----------- --------------- ----------------- ----------

Po1 ip active 20

Is this a BUG or documentation needs to be updated?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
didyap Wed, 05/28/2008 - 08:55

When configuring IP source guard on interfaces on which a private VLAN is configured, port security is not supported" - I assume that this means "switchport protected", I attempted disabling it but it did not do anything. On the other hand, interface is configured with the feature turned on and it works fine.


This Discussion