5 Posts
0
858
January 26th, 2022 04:00
Limit the number of source MAC address per port to one
I configured my switch N2024 with port security. For an interface Gi1/0/6 configuration looks like this:
"SW-4#show run
!System Software Version 6.7.1.4
....
interface Gi1/0/6
switchport port-security
switchport port-security dynamic 1
switchport port-security mac-address sticky
switchport port-security mac-address sticky A81E.84FF.3D81 vlan 1
switchport port-security mac-address sticky B07B.2530.A42A vlan 1
switchport port-security mac-address sticky B07B.2530.A560 vlan 1
exit
switchport port-security"
On this interface I have: "switchport port-security dynamic 1". I don't understand why can I connect 3 different devices on this interface and all can work? I want to limit the number of source MAC addresses that can be learned on a port to only one. What im doing wrong ?
Tomasz
DELL-Chris H
Moderator
•
9.4K Posts
0
January 26th, 2022 12:00
Sorry I misspoke, I didn't mean to imply you had to, but clear the existing dynamic addresses, and see if it leaves it with a single mac.
DELL-Chris H
Moderator
•
9.4K Posts
0
January 26th, 2022 11:00
Tomgam,
The article here describes the steps needed, but also you will need to limit the number of static addresses too, also ones learned, before the setting will stay. Which is also covered in the article I linked.
Let me know if this helps.
tomgam
5 Posts
0
January 26th, 2022 12:00
Thanku Chris, You are right, but in documentation isn't mention that I have to set limit for static and dynamic together for limit of dynamically learned mac addresses.