What I really want is a definitive answer as to precisely what "port security" does. I've read and re-read config guides and any doco I can find on port security but still cannot answer these questions.
I have it configured and working in our network but I need some clarification on a couple of points:
Assuming a MAC address is mapped (either statically or via sticky): Once a MAC address is known on a specific secure port on "Switch A" it cannot appear on another _secure_ port on "Switch A".
1. What about secure ports on "Switch B"?
2. Does the secure mapping apply only to the local switch or is it propagated throughout the network somehow??
I'm sure I've witnessed behaviour that would suggest that other switches are able to limit connectivity based on non-local port-security info, but I can find no doco to confirm or deny that this _should_ be the case.
I need to get port security past my Change Board so I need to be certain of the way it works (or doesn't work) as I'm going to get questions!!
Thanks for any assistance.
[Edit] I've just posted another message about port security not appearing to work as documented on a switch I've set up for testing. Hope someone can help with either :)
You can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the Media Access Control (MAC) address of the station attempting to access the port is different from any of the MAC addresses specified for that port.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...