MAC address learning

jjessen · ‎03-24-2004

Is it possible to disable MAC address learning on an individual port or VLAN basis?

I need to achieve this on a 4500 series CAT OS switch.

rlcarr · ‎03-25-2004

Could you explain this a little more?

Learning the MAC is essential to how a switch performs switching.

If you don't learn the MACs, you've essentialing turned your Switch into a Hub and you are going to have to flood all ports for these unknown MACs.

I'm not aware of a way to totally turn off the learning. However, you can limit the amount of MACs you learn per port. I.e this helps prevent users from plugging hubs into their switch ports rather than just their PCs.

Ron

jjessen · ‎03-25-2004

Ron,

That's exactly what I would like to achieve :-)

Disable switching on specific ports/vlans so as to allow traffic to IDS sensors without purchasing hubs.

I have an existing infrastructure where I would like to rspan traffic to an existing switch where I would like to place the IDS sensors (multiple sensors that require to see the same traffic stream); however, as it is a switch it won't forward the traffic to the ports because it has learnt that the destinations being addressed don't exist on that switch.

Ergo, my question on how to disable learning on that particular switch series (4500).

ziutek · ‎03-28-2004

Can you not just use a span port for all vlans, and connect that port to the IDS complex?

blazesod · ‎03-28-2004

Hi Ron,

There is a much better way to do this as mentioned above called SPAN. Documentation on how to do this can be found here:

http://www.cisco.com/warp/public/473/41.html

R/S

Dave