Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Limitations on 'Secure Address' filtering on a 2924 switch port?

Hello all,

Due to the necessity for one of our products (a small LAN system) to remain in an isolated environment; but to also allow 3 external machines access, we have enabled a 'secure address count' = 3 on one port of our 2924 Cisco switch, and then defined the 3 secure MAC addresses allowed. At the other end of this port is a 2948 unit with numerous devices attached using a variety of protocols (TCP/IP, IPX/SPX etc), hence the need for filtering. It is the 2948 device which homes our 3 external machines which need to connect to our 2924 (LAN).

My question is, with all of the filtering which is having to be done on this one port of our 2924 switch, and with so many frames being refused, should we expect any detrimental effect on this port/switch or QoS, and if so what might the nature of this be?

Thank you to anyone who may be able to advise me about this.


chris anderson

New Member

Re: Limitations on 'Secure Address' filtering on a 2924 switch p

No I would not have thought so, its pretty much the same as an access list dropping packets although that is at Layer 3 and slower. Its simply a case of the switch reading the MAC address and dropping the frame. I'm sure you would see very little performance degredation