MAC Address from Switch port when Port-Security Enabled

mikejamrog · ‎02-14-2014

I have 1 stack of 3 3750X switches.

BOOTLDR: C3750E Boot Loader (C3750X-HBOOT-M) Version 12.2(53r)SE1, RELEASE SOFTWARE (fc1)

I have a pc attached to switch 3 port 29 (g3/0/29)

interface GigabitEthernet3/0/29

switchport access vlan 900

switchport mode access

storm-control broadcast level 5.00

storm-control action trap

spanning-tree portfast

spanning-tree bpduguard enable

end

#show mac address-table int g3/0/29

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

900 2c44.fd1e.a672 DYNAMIC Gi3/0/29

Total Mac Addresses for this criterion: 1

Now, when I add port-security to this port, the mac address disappears.

interface GigabitEthernet3/0/29

description Vendormate

switchport access vlan 900

switchport mode access

switchport port-security

switchport port-security violation restrict

switchport port-security mac-address 2c44.fd1e.a672 vlan access

storm-control broadcast level 5.00

storm-control action trap

spanning-tree portfast

spanning-tree bpduguard enable

end

# show mac address-table int g3/0/29

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

#

Its gone.

Gi3/0/29 connected 900 a-full a-1000 10/100/1000BaseTX

#show port-security

Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action

(Count) (Count) (Count)

---------------------------------------------------------------------------

Gi3/0/29 1 1 0 Restrict

---------------------------------------------------------------------------

Total Addresses in System (excluding one mac per port) : 0

Max Addresses limit in System (excluding one mac per port) : 6144

#show port-security

Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action

(Count) (Count) (Count)

---------------------------------------------------------------------------

Gi3/0/29 1 1 0 Restrict

---------------------------------------------------------------------------

Total Addresses in System (excluding one mac per port) : 0

Max Addresses limit in System (excluding one mac per port) : 6144

MID-M-3750-1#show port-security int g3/0/29

Port Security : Enabled

Port Status : Secure-up

Violation Mode : Restrict

Aging Time : 0 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses : 1

Total MAC Addresses : 1

Configured MAC Addresses : 1

Sticky MAC Addresses : 0

Last Source Address:Vlan : 2c44.fd1e.a672:900

Security Violation Count : 0

Anyone have any ideas what might be happening? I have a different switch stack and everything works correctly. Different Code Version of course.

Thanks

Mike

mikejamrog · ‎02-24-2014

I opened a case with TAC.

Here is the results.

As per my research, you are hitting Bug CSCug90127 the fix for which will be released in

IOS version 15.2(2)E and 15.0(2)SE6. The tentative date of release for SE6 is March end

or April beginning 2014. Schedule is being discussed and there is some possibility that

these dates might get postponed by a month or two.