[c-nsp] Same MAC address on PPPoE CPE
Rin
rintrum at gmail.com
Tue Jul 6 12:38:19 EDT 2010
Hi group,
A portion of our metroE network is as below:
CPE1-----------DSLAM1----------(Gi9/19)PE
CPE2-----------DSLAM2----------(Gi9/20)PE
The two DSLAM assign the same vlan 147 to traffic sending from CPE1 & CPE2,
port G9/19 & G9/20 on PE are configured as trunk that allow vlan 147, then
an EoMPLS pseudowire is created from SVI 147 on PE to BRAS. Everything is
working fine, however, recently I face the problem that some CPE routers
have the same MAC address and it causes MAC address inconsistent learnt on
VLAN 147 on PE router.
Since I have large number of CPE, I must find a way to detect if same MAC
happen as soon as I connect CPE to DSLAM. I try to configure port-security
MAC address sticky on G9/19 & G9/20 and the problem has gone away. However,
this feature automatically add large configuration on the port as the soon
as a new MAC is learnt on the port:
interface GigabitEthernet9/19
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 85,99,147,244,1100,1102,1111
switchport mode trunk
switchport nonegotiate
switchport port-security
switchport port-security maximum 100
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0018.8247.e4ee vlan 85
switchport port-security mac-address sticky 0050.7fa1.60a9 vlan 147
..
I have two questions here:
1. Is there any method that the router does not additional
configuration on port configured with port-security MAC sticky?
2. Anyone has other idea rather than configure port-security to detect
same MAC address on CPE?
Thanks,
Rin
More information about the cisco-nsp
mailing list