Hello!

My name is Cristian Valentin Barean.

For about a month I have a cisco 3560 switch mounted as main gateway-router for about 1000 users. Everything works fine except static ip-mac filtering on ports.

My gateway vlan is 10, and have 16 ports on that vlan.

for ip-mac filtering I did the folowing on the switch:

ip dhcp snooping vlan 10

ip dhcp snooping

ip source binding 000E.E88D.9F42 vlan 10 89.114.37.167 interface Gi0/22

ip source binding 0030.1B16.8C53 vlan 10 89.114.36.146 interface Gi0/10

....... ............. ..........

....... .......... ........

ip source binding 0040.F4B4.CF53 vlan 10 89.114.36.134 interface Gi0/24

ip source binding 00C0.DF11.E8E0 vlan 10 89.114.32.90 interface Gi0/15

ip source binding 000C.6EC8.5238 vlan 10 89.114.36.93 interface Gi0/24

interface Gi0/24

switchport access vlan 10

switchport mode access

switchport port-security

flowcontrol receive desired

ip verify source port-security

and so on for all vlan 10 interfaces

on the firt few seconds even minutes on the command

sh ip verify source interface Gi0/24

I get correct filtering setings:

Interface Filter-type Filter-mode IP-address Mac-address Vlan

--------- ----------- ----------- --------------- ----------------- ----------

Gi0/24 ip-mac active 89.114.33.142 0040.3445.2334 10

......... ............ .......

Gi0/24 ip-mac active 89.114.33.102 0040.3675.2894 10

and the filtering works.

After a few minutes the traffic on switch stops and on the same command I get:

Interface Filter-type Filter-mode IP-address Mac-address Vlan

--------- ----------- ----------- --------------- ----------------- ----------

Gi0/24 ip-mac inactive-no-snooping-vlan

Without any transfer on that port the ip-mac filtering stayes active.

I have tested and the latest software IOS version 12.2(35)SE1, and got the same problem.

Can someone tell me if, am i doing something wrong or is it a bug?

Thank You !