Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6610
Views
0
Helpful
3
Replies

max. number of Mac address on 2960

Go to solution
itdsmartnet
Level 1
Level 1

‎08-02-2008 12:37 AM - edited ‎03-06-2019 12:34 AM

hi,

i have come to know that 2960-48-TTL supports up 8000 mac addresses. i would like to know how many mac address a single port can support.

i have 2960 connected to linksys and further linksys connects to another linksys switch. My network is chocking. Any reason. i feel it may be due to mac-address.

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
tdrais
Level 7
Level 7
In response to Justin Brenton

‎08-02-2008 01:44 PM

Was not going to post on this one but the above post is misleading. Port security does indeed limit the number of addresses but this feature is not enabled by default.

This is a complex question because it works slightly differently on different switches and can have limits per vlan.

Since it appears you are running a simple single vlan you can assume that all 8000 are usable.

The key here is that the mac table is a central table it does not reside on a buffer or something on a port. It is a lookup table for the switch to find the port when it knows a mac not the other way around. So if the table has 8000 entries in theory I guess all 8000 could point to the same port.

Even in a huge network you will never see that many mac addresses. There are attacks that attempt to flood the mac table but there are options on the switch mitigate this. It is very unlikely you are exceeding the mac table. You could attempt to show the mac table and it will be very obvious if you have a issue.

More than likely you have a spanning tree issue. If possible turn spanning tree on the small switches. If they are the very cheap non managed ones they do not support spanning tree. All it takes to disable a network that does not have spanning tree on is to plug 2 ports together.

It will be very hard if the only managed switch you have is the 2960. You could run wireshark and span "monitor" the uplink to your other switches. This would allow you to see the traffic.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Justin Brenton
Level 4
Level 4

‎08-02-2008 05:24 AM

By default, only one mac address per interface, and shuts down violation

-> change using switchport port-security maximum [1-132]

Hope this helps, Please rate if so.

Regards,

Justin

0 Helpful

Go to solution
tdrais
Level 7
Level 7
In response to Justin Brenton

‎08-02-2008 01:44 PM

Was not going to post on this one but the above post is misleading. Port security does indeed limit the number of addresses but this feature is not enabled by default.

This is a complex question because it works slightly differently on different switches and can have limits per vlan.

Since it appears you are running a simple single vlan you can assume that all 8000 are usable.

The key here is that the mac table is a central table it does not reside on a buffer or something on a port. It is a lookup table for the switch to find the port when it knows a mac not the other way around. So if the table has 8000 entries in theory I guess all 8000 could point to the same port.

Even in a huge network you will never see that many mac addresses. There are attacks that attempt to flood the mac table but there are options on the switch mitigate this. It is very unlikely you are exceeding the mac table. You could attempt to show the mac table and it will be very obvious if you have a issue.

More than likely you have a spanning tree issue. If possible turn spanning tree on the small switches. If they are the very cheap non managed ones they do not support spanning tree. All it takes to disable a network that does not have spanning tree on is to plug 2 ports together.

It will be very hard if the only managed switch you have is the 2960. You could run wireshark and span "monitor" the uplink to your other switches. This would allow you to see the traffic.

0 Helpful

Go to solution
cisco_lad2004
Level 5
Level 5

‎08-04-2008 03:43 AM

8,000 as per page 130 of this excellent attached document.

http://www.cisco.com/en/US/prod/switches/ps5718/ps708/networking_solutions_products_genericcontent0900aecd805f0955.pdf

HTH

Sam

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card