switchport aging time inactivity

Franco_x · ‎05-24-2022

I believe I understand the purpose and function of the command. For example, in our network we have it set to 15 minutes, and then it will erase the MAC from that port. If I connect a computer on port X, and it works before going home but I leave it plugged in doing nothing overnight for example, when I get to the office in the morning that same computer is not working. I now have to either shut/no shut the port, or go to the switch and unplug and plug in that port.

Is there a workaround for this? is this how this command is supposed to work? is there a workaround? any info is highly appreciate it.

switchport access vlan XX
switchport mode access
switchport port-security maximum 3
switchport port-security aging time 15
switchport port-security aging type inactivity
switchport port-security
snmp trap mac-notification change added
snmp trap mac-notification change removed
no cdp enable
spanning-tree portfast
auto qos trust
no shut

Flavio Miranda · ‎05-24-2022

Hi

The idea of this security feature is make sure that the mac address on the interface can be renewed frequently so that it can avoid security thread. But, it should not take you to the situation that, on the next day, you need to shut/no shut the switch interface.

After 15 minutes, the ARP will be cleaned but as soons as the PC try to communicate, a new ARP entry must be added.

Is it Computer connected in a IP Phone or anyother device? Computer usually does not stay quite for too long.

Franco_x · ‎05-24-2022

It is not daisy chained through the IP Phone, its plugged directly into the patch panel, which then goes to the switch. Its also not always, its just here and there, sometimes after lunch it will happen as well. Just an odd connectivity issue that I am trying to solve.