Hi,
We have a customer who needs to limit the number of devices that are allowed to connect to a port.
This is an SDA environment (not really relevant for this question) and DNA-C pushes the following config (amongst many other things):-
device-tracking policy IPDT_MAX_10
 limit address-count 10
 no protocol udp
 tracking enable
!
interface x/x/x
 device-tracking attach-policy IPDT_MAX_10
If I was to change the "limit address-count 10" down to 1 (actually I'd create a new policy with the update and assign it to the desired ports) would this work in the same way as port security would? If I connected a dumb switch to the fabric edge port and connected two devices, would only one work and the other would not have any connectivity?
If the answer to this question is yes, does the entry get cleared when the port goes down when the device is disconnected, or does the entry persist for some time? And if so, how is the entry cleared?
Switches are Cat9Ks and Cat3650s running 16.12.3s.
Many thanks in advance,
Matt.