Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.


Performance impact of port security.

Is there any information available about what the performance impact is of using port security on various switch models? I've never seen anything on Cisco's site about this, but I figure that has to be some type of performance impact (especially on lower-end switches) to comparing the source MAC address of every packet against a known list of authorized MAC addresses, especially when using VMPS as opposed to per-port authorized MAC specifications.

If anyone can offer some insight on this, I'd be appreciative.



New Member

Re: Performance impact of port security.

As a learning mechanism, the switch anyway has to look at the source address in each frame and check the CAM table to see whether the address is already available or it needs to be populated. For port security, it has to just additionally check whether the address is allowed on that port which can be done fast. So I am doubtful whether it will create any significant performance impact depending on the hardware/software implementation.


Re: Performance impact of port security.

Good point about the source address checking. In the case of VMPS, though, I do wonder if there's a significant performance impact as the VMPS file grows. I imagine the VMPS lookup can be done in parallel with the CAM lookup... If entries in the VMPS file are hashed into a CAM of their own, then perhaps there's no performance hit whatsoever.

CreatePlease to create content