Hy guys,
I have some questions regarding to port security on my 2690 catalyst
so i enable mode acces on a port
i set the following options
switchport port-security mac-address sticky
switchport port-security maximum 1
switchport port-security violation shutdown
which is great , the first address that comes up on that port will be the only one permited.
so my questions are
1. is the mac stored in run or start?
2.how long is the mac address stored in config file? is it the same as in arp table 4 hours?
3.what happens if i change the mac address (device) on that port how do i change the sticky address?
4.what happens if for example i reboot my switch? is the mac address lost. for example if someone else who knows cisco might reboot the switch so that he can plug another pc . is that possible and allowed?
5.what are some real world examples for the port-security options . i mean... is it good practice to allow 1 ,2 , or all?
thanks!