[c-nsp] Port Security Issue with c7609

John Kristoff jtk at cymru.com
Wed Sep 9 11:53:09 EDT 2015


On Wed, 9 Sep 2015 15:19:34 +0000
Richard Hamilton <rhamilton at columbus.co> wrote:

> I have been seeing multiple port security violation on my switch
> (c7609) to the point that am hardly able to see anything else.  When
> I investigated the port security at the time that the violation
> errors are appearing the total mac addresses are way less than the
> maximum configured for the port. Could someone assist me with this .

Was the MAC address recently seen on another port?  The aging time may
be set too high for hosts that are changing ports more rapidly.  It may
also be that the MAC address is already present on another port, doing
just what port security was largely designed to do.  This may be a true
violation or in many cases I've seen there was a bridge loop, you may
also be getting loop messages if that is the case.

John


More information about the cisco-nsp mailing list