ā12-15-2009 06:00 AM - edited ā03-04-2019 06:58 AM
Hi,
If i apply this command to a trunk port which connects to switches, and it reaches to limit what is the action?
switchport port-security limit rate invalid-source-mac
down the link OR drop invalid mac-addressed packets?
Thank you.
ā12-15-2009 11:45 AM
Hi Akyuznet
It actually depends on what violation policy you apply:
switchport port-security violation{shutdown | restrict | protect}
with shutdown, it basically shuts the port, with restrict/protect option, it will not shut the port, but will drop the packets later...
Hope this helps.. all the best..
Raj
ā12-16-2009 01:53 AM
Hello Akyuznet,
this command introduces a rate limit in number of invalid MAC addresses events on the port.
This is probably there as a form of defense from a possible denial of service caused by processing these events.
switchport port-security limit rate ?
invalid-source-mac Invalid source packet rate limit (packets per second)
switch(config-if)#switchport port-security limit rate inv
switch(config-if)#switchport port-security limit rate invalid-source-mac ?
<0-1000> Packets per second
none Disable invalid source mac address rate limit
it may help in keeping low the cpu usage. or it can be seen as a way to control the rate of unsecure mac addresses on the port.
Hope to help
Giuseppe
ā10-23-2012 01:12 AM
Hi Giuseppe,
Can you suggest an ideal threshold rate limit value for 4507 switches?
Regards,
Akhtar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide