[c-nsp] Server NIC teaming and port-security
Jee Kay
jeekay at gmail.com
Tue Jul 4 14:34:10 EDT 2006
I have several servers that are needing redundant switch uplinks. To
this end we're using NIC teaming on the server side, with each NIC
going to a different switch so that if one fails the server will stay
available.
At the same time, I have port-security configured on the switchports
facing the server. Unfortunately this seems to break horribly..
I'm assuming this is because a port-security learnt CAM entry is
effectively static, and so if a switch sees the same source MAC
address coming in from elsewhere (ie across a port-channel) it refuses
to switch it on.
Has anyone else seen this sort of thing, or have any recommendations
for how best to solve it? I'd prefer to keep port-security enabled on
these switchports if at all possible.
Thanks,
Ras
More information about the cisco-nsp
mailing list