Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2431
Views
5
Helpful
2
Replies

Port security issues and MAC address sticky not saving MAC

nuggetinu
Level 1
Level 1

‎01-13-2018 06:53 AM - edited ‎03-08-2019 01:24 PM

Hi,

I am doing a practice lab as per attached step by step, and as per page 10-11, I enabled switchport security on ALS2 interfaces f0/6, f0/15-24. Contrary to the lab document, when doing show port-security interface f0/6, Total MAC address is not showing as 1.

 

Additionally on ALS1 I enabled the mac address sticky feature, and again when doing show port-security interface f0/6, Total MAC address is not showing as 1 while also Sticky MAC address is still set to 0.

 

Assigning an IP on the host and pinging the vlan gateway solved the issue, but at that moment the lab doesn't tell you to do so, so I'm worried I'm doing something wrong, since following the lab should provide the same results. Is this because a switch will not learn a MAC address if it doesn´t receive any packet from the host?

 

I am also attaching the pkt file as png for your perusal. Thanks in advance!

Labels:
Preview file
749 KB
Preview file
82 KB
0 Helpful
2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni

‎01-13-2018 06:52 PM

Hi

This is normal as total mac address shows the number of Mac address learned and not yet purged.

If you issue the command "show port-security" you'll see the same number on current address column and if you issue "show port-security address" you'll see the Mac address

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

‎01-13-2018 10:53 PM

As you mentioned that it is showing correct after sending a packet to switch SVI or another host. 

I hope you are performing your lab on Cisco Packet Tracer or other software so there is no traffic without user interaction but in the real network, a system will generate some traffic without user information as DNS test, OS update etc. So you will not face the same issue in a real network.

 

I hope this will be helpful for you.

Thanks,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card