Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Given this scenario, what do people see as the best solution:You have a network of servers which are available for direct customer access. Servers get compromised and either manually or via a script assign all IPs within the subnet to their machine....
I'm using a 7606 with sup 720 and policy feature card 3B.This PFC supports a maximum number of 239k CEF table entries. I know that a PFC card upgrade will take me to 1M CEF entries but this may not be an option in the near future and I could be runn...
I want to enable root guard on all trunk ports on a 6509 core switch running native IOS.Regarding the port-channels, should I enable root guard on the individual interfaces that make up the port-channels or on the port-channels themselves?Many thanks...
Hello all.I have a FWSM version 2.2(1) running in transparent mode which is housed in a 6509 with sup720.There are 7 security contexts defined in the FWSM. One of the contexts houses a fairly busy Internet facing FTP cluster and DNS cluster. This i...
I have a 6509 core switch which was recently changed from PVST to Rapid PVST (this is necessary for efficient FWSM synching to a redundant 6509).I now find that after rebooting one of the access switches (all of which run PVST) a brief network outage...
Hi,No there is no hub. Also I don't tnink this is a MAC address flooding issue as there is only one MAC address. Let me try to explain it in more detail:The setup is a 6509 in the core with a number of 3550 and 3560 access switches. VLANs/subnets ...
So the maximum number of IPs => MAC addresses stored in the MAC address table per interface is limited by the 'switchport port-security maximum' command?
Thanks Kamal.I may be misunderstanding the situation, but there's only one MAC address at play but they're assigning large number of IP addresses to it - will port-security max MAC addresses help here?
Thanks for your reply Mark.I'm already running Rapid PVST on the two core switches. The access switches unfortunately don't support it yet so are just running PVST but I'm hoping to upgrade them to RPVST capable switches in the near future.Unfortuna...