ā12-15-2009 06:00 AM - edited ā03-04-2019 06:58 AM
Hi,
If i apply this command to a trunk port which connects to switches, and it reaches to limit what is the action?
switchport port-security limit rate invalid-source-mac
down the link OR drop invalid mac-addressed packets?
Thank you.
ā12-15-2009 11:45 AM
Hi Akyuznet
It actually depends on what violation policy you apply:
switchport port-security violation{shutdown | restrict | protect}
with shutdown, it basically shuts the port, with restrict/protect option, it will not shut the port, but will drop the packets later...
Hope this helps.. all the best..
Raj
ā12-16-2009 01:53 AM
Hello Akyuznet,
this command introduces a rate limit in number of invalid MAC addresses events on the port.
This is probably there as a form of defense from a possible denial of service caused by processing these events.
switchport port-security limit rate ?
invalid-source-mac Invalid source packet rate limit (packets per second)
switch(config-if)#switchport port-security limit rate inv
switch(config-if)#switchport port-security limit rate invalid-source-mac ?
<0-1000> Packets per second
none Disable invalid source mac address rate limit
it may help in keeping low the cpu usage. or it can be seen as a way to control the rate of unsecure mac addresses on the port.
Hope to help
Giuseppe
ā10-23-2012 01:12 AM
Hi Giuseppe,
Can you suggest an ideal threshold rate limit value for 4507 switches?
Regards,
Akhtar
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: