cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4164
Views
0
Helpful
4
Replies

Finding sticky MAC on access switches

d79dannyd
Level 1
Level 1

Is there away to find a sticky MAC on a different switch from the router/core? I realize port security does not span switches. I was looking for a way to find a Sticky MAC on a switch from the core that has been been aged out of the MAC address table. Some or our switches can be 10 deep off the core.

Thanks

Danny

4 Replies 4

Sergey Lisitsin
VIP Alumni
VIP Alumni

Danny,

There is no way of finding that out looking at the output on the core switch. As you have correctly stated, the information about MAC address security is not communicated between switches in any way. Would you mind saying why you need that and may be there is an alternative way of achieving what you need.

 

Thanks Sergey,

 

Sometimes our technicians will move computers and only supply us with the MAC address. We need to track down the MAC, clear it off the old port, and move the port to a dead vlan. I would like to create a script to do this, however do not want the script to log into all the switches if possible.

OK, you can possibly do something like that:

 

Log in to the core switch and find which port the specific MAC is found on. Then check the CDP neighbour table and identify what switch you have on that port. It then becomes the next switch you log in to. You repeat the MAC address check and also test if it has a line of configuration matching that MAC. If it does, then it is the switch, that has the sticky configuration and you clear it up. If not, you determine the CDP neighbour and repeat previous steps. 

Marcos Eusebio
Level 1
Level 1

Hi Danny,

May be the #show port-security address | inc <MAC-ADDRESS> could be helpfully for your situation, only apply it on each switch where you want to discard the presence of the MAC.

Regards

Review Cisco Networking for a $25 gift card