Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to tell if there is more than one device on a switch port

Hi all,

Is there an easy way to tell if there is more than one device on a switch port?

What I am trying to do is set port-security on every port of a switch for a maximum of one device.  This will obviously shut down any port with more than a device on it.  So is there anyway to tell how many devices are on a port, so I can set the maximum accordingly?

Thanks,

-SA.

7 REPLIES

Re: How to tell if there is more than one device on a switch por

you can check for the number of mac addresses being learnt at each port using the cli command "sh mac-address-table dynamic

I knwo this could be frustrating but in general all but trunks ports of the switch can be configured for port secruity with a max of one mac-address.

If you have an IPT deployment with desktops hooking off the phones, then you may have to configure the port for a maximum of 2 mac-address

HTH

Narayan

Cisco Employee

Re: How to tell if there is more than one device on a switch por

Hello,

If you issue "show mac address-table dynamic interface " you

will see all registered mac addresses on that port. That would be a good

starting point.

Hope this helps.

Regards,

NT

Hall of Fame Super Gold

Re: How to tell if there is more than one device on a switch por

Shut down the port and wait for the phone to ring.  He he he ...

One option is to enable port security and set maximum MAC address.  This is because some servers don't advertise their MAC address. 

New Member

Re: How to tell if there is more than one device on a switch por

How could they not 'advertise' their MAC address?

If they're going to send any type of packet on a switched-network then of course they're going to need to have their MAC address known. Whether or not they spoof a MAC is another question, but either way you look at it; it will still be well known information (at least from a switches perspective).

Hall of Fame Super Gold

Re: How to tell if there is more than one device on a switch por

NIC Teaming.  The primary NIC will advertise but the secondary NIC will go "silent".

New Member

Re: How to tell if there is more than one device on a switch por

Fair point, although one could debate whether they'd be hanging off the same switch port (unless there were a switch or hub downstream from the switch you're looking at of course).

Hall of Fame Super Gold

Re: How to tell if there is more than one device on a switch por

Thus my initial post of "disable the ports".  If you use the command "sh mac- int " and your output, say, is 10 MAC address but in fact you have more "silent" MACs.  You won't know.  But I've done this several times and I got the answer faster than trawling. 

247
Views
7
Helpful
7
Replies