IP Source Guard BUG or Poor documentation?

ralphcarter · ‎05-22-2008

I'm using 3750G switches in my network and have a few server NIC Teamed to the 3750G stack with LACP.

I read under http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/3750SCG.pdf

that "IP source guard is not supported on EtherChannels."

But when I go to the Port-channel interface for my LACP bond, I am able to setup IP Source Guard and it shows active .

interface Port-channel1

description "LACP to xxxx g1/0/1 & g2/0/1"

switchport access vlan 20

switchport mode access

spanning-tree portfast

spanning-tree bpduguard enable

ip verify source

end

ip source binding 0019.B9EA.xxxx vlan 20 10.80.20.10 interface port-channel 1

show ip verify source

Interface Filter-type Filter-mode IP-address Mac-address Vlan

--------- ----------- ----------- --------------- ----------------- ----------

Po1 ip active 10.80.20.10 20

Is this a BUG or documentation needs to be updated?

CCIE 26175
www.techsnips.com

didyap · ‎05-28-2008

When configuring IP source guard on interfaces on which a private VLAN is configured, port security is not supported" - I assume that this means "switchport protected", I attempted disabling it but it did not do anything. On the other hand, interface is configured with the feature turned on and it works fine.