I tested this by enabling DTP again (By removing the switchport nonegotiate) command, and the flapping returned. The violation mode is the default, no static secure MAC addresses are configured, and sticky learning is enabled.ģ-42 Securing Cisco Network Devices (SND) v2.0 © 2006 Cisco Systems, Inc. After adding the line switchport nonegotiate to the port groups from the Core down to SW1 & SW2 then the flapping stopped occurring.
#How to set dynamic mac address learning in cisco how to
This figure shows how to enable port security on Fast Ethernet port 0/1 and to set the maximum number of secure addresses to 50. Add a static ARP entry for the multicast MAC address of the FireCluster interface. Also, the maximum number of MAC addresses (for example, the command switchport port-security maximum value) for the port can be set. Configure the Cisco Switch Start the Cisco 3750 command line interface. If the running configuration is then saved to the startup configuration, these MAC addresses do not need to be relearned on restart. These former dynamic entries are entered into the running configuration using the command switchport port-security mac-address sticky mac-address. Existing dynamic entries are converted to sticky entries when the switchport port-security mac-address sticky command is issued for a port. Sticky entries are similar to static entries except that they are dynamically learned.
Static entries are manually entered for each port (for example, switchport port-security mac-address mac-address) and saved in the running configuration. MAC addresses are gathered dynamically with some switches supporting static entries and sticky entries. Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport mode access Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security maximum 50 Switch(config-if)# switchport port-security mac-address sticky Switch(config-if)# switchport port-security aging time 20 Switch(config-if)# end
0 kommentar(er)
