Defeating mac flooding attacks on the distribution 6500 switch
1. Can anybody share personal experience about the following Cat 6500 commands:
IOS: mac-address-table limit
CatOS: set cam monitor
IOS: mac-address-table notification threshold
CatOS: set cam notification threshold
The problem is that it is not always feasible to protect the switching infrastructure against macof-like attacks on the access layer because of software limitations of low-end switches. For example, you cannot configure port security and PVLANs on the same port on 3560/3750 Cisco switches.
So, the idea is to defeat mac flooding attacks on the distribution layer. Is it possible with these commands?
2. Why is IOS documentation tells us that "flood" option of the "mac-address-table limit" command "enables unknown unicast flooding for the VLAN" whilst CLI tells us that it "disables flooding for this vlan"? What is the truth?
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...