Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

How single mac address access multiple ports

I have two virtual hosts A, B and a virtual machine that is moving between the hosts, the problem that A  is connected to port and B also connected to another port, so when the virtual machine run in A its mac address will stick to A, and run ok, but when move it to the B it is denied.

So, the question Is it possible in port security that one mac address can access two or multiple ports either statically or dynamically at the same switch?

If no provide me other solution to secure the LAN like for example 802.1x....

by the way I am using Brocade Fastlron SuperX switch.



Community Member

Re: How single mac address access multiple ports


The behaviour you are describing is really a basic function of port-security, a known MAC being heard on a second port is considered a violation (the presumtion is MAC spoofing), so if you are using vmotion or something similar to move VMs between physical devices and as such expect this kind of mac moving under normal operation (and without a link flap) then port-security is really not the feature you are looking for.

The best you could do is set the aging timer to inactivity, and set it very low.  However there would still be an outage after the VM Vmotions to the second host, as well as adding more control plane load on the CPU with regular polling, so is not really ideal.


CreatePlease to create content