Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static MAC address entries and port security


Can anyone explain why when I do a sho mac addr table on cisco switch I have static entries associated with a switchport, usually these are dynamic.

We have basic port-security to limit amount of devices on that port to 4 at the minute we have 2(phone/pc) so this should not be breached.

Will port security change them to static entries?

This caught my eye tracing a reported IP conflict by PC, strange thing is doing some arp debug there dosent really seem to be a conflict.

Any thoughts appreciated.

Cisco Employee

Static MAC address entries and port security


I might not understood your question well so appreciate if you elaborate more on it. But Port-security does not change the MAcs to static as the static commands does. But port-security stores learned MACs in TCAM memory as it need to have those there to compare if the source MAc of traffic comming is within those stored MACs. If not it is checking on if counter of allowed MACs still allow to send more - if yes - then it will send packet to CPU for the source MAC to be saved in TCAM along with previosuly learned MACs. If no space available due to config on port - packet will be dropped.

Please specify your question based on my comment to see if I can help you further.