05-22-2024 12:02 AM
Dear All,
I have setup a Trustsec test network, All seems works well, but I have made a mistake on one of two PC belonging to different SGT group. I have configured the wrong ipv4 **bleep**. So when correct the error and confugured the PC with the right ip **bleep**, I see that on the switch where this Pc was connected the IPV4-SGT binding about the wrong ip **bleep** still remain:
Active IPv4-SGT Bindings Information
IP **bleep** SGT Source
============================================
10.20.28.0/22 2000 CLI
10.20.110.0/23 2000 CLI
10.20.124.0/24 2000 CLI
10.20.232.0/24 2000 CLI
10.20.239.0/24 2 CLI
10.20.239.253 2 INTERNAL
10.20.248.11 16 LOCAL <----Right ipv4 **bleep**
10.20.248.166 16 LOCAL <---Wrong ipv4 **bleep**
10.20.254.0/24 2000 CLI
There is somthing messing in the swtch configuration about the SGT cache? I leave all sgt cache settings to the defaults. the switch is a 9300 (CAT9K_IOSXE), Version 17.9.4.
Bye,
JF.
05-22-2024 01:52 AM
@ifabrizio those are LOCAL bindings - LOCAL: Bindings of authenticated hosts which are learned via EPM and device tracking. This type of binding also include individual hosts that are learned via ARP snooping on L2 [I]PM configured ports.
Clear the ARP?
05-22-2024 12:15 PM
@ifabrizio We've removed the spam filter that replaced words in your post. Would you please edit your post to add them back so the community has the right context. So sorry for the inconvenience!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide