Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
653
Views
0
Helpful
1
Replies

Port Security Err-Disable...The Mystery !

Ahmed Mukhtar
Level 1
Level 1

‎10-04-2015 11:11 PM - edited ‎03-08-2019 02:03 AM

Hello All ! 

 

             We had 3 ports in our LAN connected to a simple 2960 that had Port security enabled with just allowing 2 MAC addresses on each port, Now as soon as we connected one of them everything was good, once we connect any other of those three then that port goes into error disable state! Stating that port security violation was caused by AAAA.BBBB.CCCC Mac address

The End stations were running a single virtual machine along side their Physical machine & we had allowed them enough addresses so that they could run 5 VM's ! Then why the port was going down into err disable state! ??? 

 

Well i got the answer! First we thought its a faulty NIC card or a Bad network cable but we changed everything but all in vain, the reason was DUPLICATE MAC addresses! ouch! but how? well, they had copied VM's with each other & guess what, the MAC's of VM's were also copied! 

If you have two PC's in your network having the same MAC address in the same VLAN or Broadcast domain what happens?

Well you will be seeing a log message of MAC flapping between ports X & port Y IF Port security is DISABLED, But once you enable port security the second port that connects in with the same MAC as any other port's learned MAC, then it goes into err disabled state.

 

Ok this happens fine, but my question is WHY? is there any feature set of port security that anyone can share??

 

 

Labels:
0 Helpful
1 Reply 1

amikat
Level 7
Level 7

‎10-05-2015 11:40 AM

Hi,

Please see beneath the excerpt from the Cat2960 Command Reference ("switchport port-security" command):

A security violation occurs when the maximum number of secure MAC addresses are in the address table and a station whose MAC address is not in the address table attempts to access the interface or when a station whose MAC address is configured as a secure MAC address on another secure port attempts to access the interface.

Best regards,

Antonin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card