Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

switchport port-security limit rate invalid-source-mac EFFECT

Hi,

If i apply this command to a trunk port which connects to switches, and it reaches to limit what is the action?

switchport port-security limit rate invalid-source-mac

down the link  OR drop invalid mac-addressed packets?

Thank you.

3 REPLIES

Re: switchport port-security limit rate invalid-source-mac EFFEC

Hi Akyuznet

It actually depends on what violation policy you apply:

switchport port-security violation{shutdown | restrict | protect}

with shutdown, it basically shuts the port, with restrict/protect option, it will not shut the port, but will drop the packets later...

Hope this helps.. all the best..


Raj

Hall of Fame Super Silver

Re: switchport port-security limit rate invalid-source-mac EFFEC

Hello Akyuznet,

this command introduces a rate limit in number of invalid MAC addresses events on the port.

This is probably there as a form of defense from a possible denial of service caused by processing these events.

switchport port-security limit rate ?
  invalid-source-mac  Invalid source packet rate limit (packets per second)

switch(config-if)#switchport port-security limit rate inv
switch(config-if)#switchport port-security limit rate invalid-source-mac ?
  <0-1000>  Packets per second
  none      Disable invalid source mac address rate limit

it may help in keeping low the cpu usage. or it can be seen as a way to control the rate of  unsecure mac addresses on the port.

Hope to help

Giuseppe

New Member

switchport port-security limit rate invalid-source-mac EFFECT

Hi Giuseppe,

Can you suggest an ideal threshold rate limit value for 4507 switches?

Regards,

Akhtar

2482
Views
0
Helpful
3
Replies
CreatePlease to create content