port security

Aug 8th, 2008

We have port sec on 5 switches at one site. 4 2950s run CAT OS and 1 4500 IOS. We are seeing ports go down due to sec violations from MAC addresses on neighbor switches. No physical changes or config changes, and no hubs. Ports are going down due to sec violations with no explanation.

Giuseppe Larosa Sat, 08/09/2008 - 01:36

Hello Duane,

If you have port security enabled on inter-switch links, just adding a new PC can push the port over the threshold for the number of MAC addresses allowed on the port.

I would suggest disabling port security on inter-switch links.

At least check the port security state of inter-switch links.

It's enough to have port security on access ports.

Hope to help


DuaneKPetersen Sat, 08/09/2008 - 13:30

We already have port sec on the access ports only. We are running in a secure operation and it is company policy to have port sec on all access ports. We are seeing ports go down due to sec violations. No workstations have been moved. Not seeing any spantree loops.

DuaneKPetersen Sat, 08/09/2008 - 13:38

Listed below is a line from the log:

Host 00:1E:4F:C5:7F:C6 in vlan 1 is flapping between port Fa4/32 and port Fa5/15

rkhalil Sat, 08/09/2008 - 15:44

You have a Spanning tree loop, review your topology.



Giuseppe Larosa Mon, 08/11/2008 - 10:18

Hello Duane,

Verify that this host is not dual-homed: using two NICs with the same MAC address and the same IP over it.

If so, you need to do NIC teaming (an EtherChannel using LACP negotiation) instead of using the two ports as separate ports.

001E4F (base 16) Dell Inc.

If the PC/server has only one NIC, you have a real network problem, likely a bridging loop, and you need to fix it.

Hope to help
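
An added example, not part of the thread: a small triage script that separates the two cases described above (one host seen on two ports versus many hosts flapping between the same pair of ports) by parsing flap messages in the format quoted earlier. The `check-host` / `possible-loop` labels and the `loop_threshold` cut-off are assumptions of this sketch, and every sample line except the first is constructed.

```python
import re
from collections import defaultdict

# Message format quoted in the thread; the MAC may be colon-, dash- or dot-separated.
FLAP_RE = re.compile(
    r"Host\s+(?P<mac>[0-9A-Fa-f.:\-]{12,17})\s+in\s+vlan\s+(?P<vlan>\d+)\s+"
    r"is flapping between port\s+(?P<a>\S+)\s+and port\s+(?P<b>\S+)")

def normalize_mac(raw):
    """Return the MAC as 12 lowercase hex digits, or None if malformed."""
    digits = re.sub(r"[.:\-]", "", raw).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def triage(lines, loop_threshold=3):
    """Group flap events by (vlan, unordered port pair) and label each group.

    loop_threshold is an assumed cut-off, not a vendor value: that many
    distinct MACs flapping between one port pair points at the path between
    the ports (loop) rather than at a single dual-homed host.
    """
    groups = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = FLAP_RE.search(line)
        mac = normalize_mac(m["mac"]) if m else None
        if mac is None:
            continue  # unrelated or malformed line
        ports = tuple(sorted(p.rstrip(".,") for p in (m["a"], m["b"])))
        groups[(int(m["vlan"]), ports)][mac] += 1
    report = {}
    for key, macs in groups.items():
        report[key] = {
            "verdict": "possible-loop" if len(macs) >= loop_threshold else "check-host",
            "events": dict(macs),
            "ouis": sorted({mac[:6] for mac in macs}),  # vendor prefix for lookup
        }
    return report

# Constructed sample: only the first line is from the thread.
SAMPLE = [
    "Host 00:1E:4F:C5:7F:C6 in vlan 1 is flapping between port Fa4/32 and port Fa5/15",
    "Host 00:1E:4F:C5:7F:C6 in vlan 1 is flapping between port Fa5/15 and port Fa4/32",
    "Host 0200.0000.0001 in vlan 10 is flapping between port Gi1/1 and port Gi1/2",
    "Host 0200.0000.0002 in vlan 10 is flapping between port Gi1/2 and port Gi1/1",
    "Host 0200.0000.0003 in vlan 10 is flapping between port Gi1/1 and port Gi1/2",
    "Interface FastEthernet4/32, changed state to down",
]

if __name__ == "__main__":
    for (vlan, ports), info in sorted(triage(SAMPLE).items()):
        print(vlan, ports, info["verdict"], info["events"])
```

A `check-host` group is the one to verify for dual homing on the two listed ports; a `possible-loop` group is a reason to review the topology between them.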


johnlloyd_13 Tue, 08/12/2008 - 03:55

You can re-enable the port by doing a shutdown/no shutdown command. Try tuning it to another violation mode, a milder one, instead of shutdown (the default). There's one option which will show a log that there's a violation (I forgot what it is) instead of putting it in shutdown mode.

