[c-nsp] wisdom of switchport block ...
Tarko Tikan
tarko at lanparty.ee
Mon Feb 10 14:30:58 EST 2014
hey,
> I am looking at tightening up my subscriber access network and, if
> I understand the documentation correctly, 'switchport block unicast'
> will prevent a cisco switch (3560g in this case) from flooding unicast
> frames out any port so configured, unless the destination mac address
> was learned from that port.
Blocking unknown unicast is very typical for access networks using
service-vlans (or N:1, whatever you like to call it).
MAC aging and DHCP lease timers will have to be tuned accordingly, make
sure DHCP < aging. This way DHCP renewals will keep active addresses in
the MAC table.
--
tarko
More information about the cisco-nsp
mailing list