Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
443
Views
5
Helpful
0
Replies

Can IP Device Tracking be used like port security?

matty-boy
Level 1
Level 1

‎04-08-2021 09:34 AM

Hi,

We have a customer who needs to limit the number of devices that are allowed to connect to a port.

This is an SDA environment (not really relevant for this question) and DNA-C pushes the following config (amongst many other things):-

device-tracking policy IPDT_MAX_10
 limit address-count 10
 no protocol udp
 tracking enable
!
interface x/x/x
 device-tracking attach-policy IPDT_MAX_10

If I was to change the "limit address-count 10" down to 1 (actually I'd create a new policy with the update and assign it to the desire ports) would this work in the same way as port security would? If I connected a dumb switch to the fabric edge port and connected two devices, would only one work and the other would not have any connectivity?

If the answer to this question is yes, does the entry get cleared when the port goes down when device disconnected or does the entry persist for some time? And if so, how is the entry cleared?

Switches are Cat9Ks and Cat3650s running 16.12.3s.

Many thanks in advance,

Matt.

0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card