cisco 3560 ip-mac filtering problem


For about a month I have a cisco 3560 switch mounted as main gateway-router for about 1000 users. Everything works fine except static ip-mac filtering on ports.

My gateway vlan is 10, and have 16 ports on that vlan.

for ip-mac filtering I did the folowing on the switch:

ip dhcp snooping vlan 10

ip dhcp snooping

ip source binding 000E.E88D.9F42 vlan 10 interface Gi0/22

ip source binding 0030.1B16.8C53 vlan 10 interface Gi0/10

ip source binding 0040.F4B4.CF53 vlan 10 interface Gi0/24

ip source binding 00C0.DF11.E8E0 vlan 10 interface Gi0/15

ip source binding 000C.6EC8.5238 vlan 10 interface Gi0/24

interface Gi0/24

switchport access vlan 10

switchport mode access

switchport port-security

flowcontrol receive desired

ip verify source port-security

and so on for all vlan 10 interfaces

on the firt few seconds even minutes on the command

sh ip verify source interface Gi0/24

I get correct filtering setings:

Interface Filter-type Filter-mode IP-address Mac-address Vlan

--------- ----------- ----------- --------------- ----------------- ----------

Gi0/24 ip-mac active 0040.3445.2334 10

Gi0/24 ip-mac active 0040.3675.2894 10

and the filtering works.

After a few minutes the traffic on switch stops and on the same command I get:

Interface Filter-type Filter-mode IP-address Mac-address Vlan

--------- ----------- ----------- --------------- ----------------- ----------

Gi0/24 ip-mac inactive-no-snooping-vlan

Without any transfer on that port the ip-mac filtering stayes active.

I have tested and the latest software IOS version 12.2(35)SE1, and got the same problem.

Can someone tell me if, am i doing something wrong or is it a bug?

Thank You !

Re: cisco 3560 ip-mac filtering problem



switchport port-security maximum xxx

switchport port-security violation restrict

And works

