cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Popup Hotspot Using ISR 1000 with WiFi/LTE for Teleworkers and Micro Branchesr
331
Views
7
Helpful
7
Replies
Highlighted
Beginner

How to tell if there is more than one device on a switch port

Hi all,

Is there an easy way to tell if there is more than one device on a switch port?

What I am trying to do is set port-security on every port of a switch for a maximum of one device.  This will obviously shut down any port with more than a device on it.  So is there anyway to tell how many devices are on a port, so I can set the maximum accordingly?

Thanks,

-SA.

7 REPLIES 7
Highlighted
Advocate

Re: How to tell if there is more than one device on a switch por

you can check for the number of mac addresses being learnt at each port using the cli command "sh mac-address-table dynamic

I knwo this could be frustrating but in general all but trunks ports of the switch can be configured for port secruity with a max of one mac-address.

If you have an IPT deployment with desktops hooking off the phones, then you may have to configure the port for a maximum of 2 mac-address

HTH

Narayan

Highlighted
Cisco Employee

Re: How to tell if there is more than one device on a switch por

Hello,

If you issue "show mac address-table dynamic interface " you

will see all registered mac addresses on that port. That would be a good

starting point.

Hope this helps.

Regards,

NT

Highlighted
Hall of Fame Community Legend

Re: How to tell if there is more than one device on a switch por

Shut down the port and wait for the phone to ring.  He he he ...

One option is to enable port security and set maximum MAC address.  This is because some servers don't advertise their MAC address. 

Highlighted
Beginner

Re: How to tell if there is more than one device on a switch por

How could they not 'advertise' their MAC address?

If they're going to send any type of packet on a switched-network then of course they're going to need to have their MAC address known. Whether or not they spoof a MAC is another question, but either way you look at it; it will still be well known information (at least from a switches perspective).

Highlighted
Hall of Fame Community Legend

Re: How to tell if there is more than one device on a switch por

NIC Teaming.  The primary NIC will advertise but the secondary NIC will go "silent".

Highlighted
Beginner

Re: How to tell if there is more than one device on a switch por

Fair point, although one could debate whether they'd be hanging off the same switch port (unless there were a switch or hub downstream from the switch you're looking at of course).

Highlighted
Hall of Fame Community Legend

Re: How to tell if there is more than one device on a switch por

Thus my initial post of "disable the ports".  If you use the command "sh mac- int " and your output, say, is 10 MAC address but in fact you have more "silent" MACs.  You won't know.  But I've done this several times and I got the answer faster than trawling. 

CreatePlease to create content
Content for Community-Ad