05-14-2008 06:57 AM - edited 03-09-2019 08:42 PM
Hello All,
I'm curious if anyone who has enabled port-security has experienced this issue. I've enabled port-security on some distribution switches. Two of those switches are connected for redundancy. On a few occasions, I have seen port-security errors crop up on those switches that don't make sense. For example, I've seen a violation error come up on both of those switches, at the same time, for a device that is actually plugged into an access switch's port. I know for sure that the violating device wasn't plugged into these two distribution ports simultaneously. I also know for sure that the device was never moved off of the access switch. So why would the distribution switches report a violation? Could this be because of some STP change? Bug? Something else?
Any input would be appreciated.
--Jeff
05-20-2008 05:52 AM
If you are using restrict mode then a trap will be sent each time the address is seen. So as long as the device is connected the messages will continue to appear.
05-20-2008 06:39 AM
True. But what if the violating device was never plugged into the switch's port? Why would I be seeing a MAC address on a port, causing port-security's violation mode to trigger, when the physical connection to that port hasn't changed? ARP table corruption? Flapping? If it was a consistent problem I'd have a better idea and more to offer. But I appreciate the input.