cisco static mac address configuration & moving device to another port - will it drop frames or will...

SJ K · ‎05-22-2015

Hi all,

I have read on

http://ciscoiseasy.blogspot.sg/2010/11/lesson-25-switch-port-security.html and https://networklessons.com/switching/static-mac-address-table-entry/

that if we set a mac address of a device (DeviceA) as static in the switch (e.g fe0/1). If the switch receive frames from the device A from another switchport (e.g fe0/3), it will drop the frames.

I tried and failed on packet tracer. Setting a device mac address static in the switch (fe0/1) When i change the device to another port (fe0/3), it can still send out frames/ICMP ping; just that the responses cannot get back to it (because the switch is sending back to fe0/1 instead of fe0/3)

q1) can i confirm is this behavior in packet tracer correct ? if we set a mac address static on fe0/1, and if the switch receive frames from that mac address in fe0/3, what will happen ? will it drop the frames or not ?

Regards,
Noob

rakeshvelagala · ‎05-24-2015

Hi,

The switch should just drop it.

From DOC:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/XE3-7-0E/15-23E/configuration/guide/xe-370-configuration/port_sec.html

Note A secure violation is not triggered if the host secured on one port shows up on another port. The Catalyst 4500 series switch drops such packets on the new port silently in the hardware and does not overload the CPU.

SJ K · ‎05-24-2015

Hi,

Thanks for the link. But it is talking about port security. How about just configuring the mac address as static without any port security in place.

Regards,
Noob

cisco static mac address configuration & moving device to another port - will it drop frames or will it now