From: Popgeorgiev Nikolay (nikolay.popgeorgiev@siemens.com)
Date: Fri Feb 24 2006 - 04:23:37 GMT-3
Hello,
I am not quite sure but why don't you use sticky mac addresses ? . This way you will survive the reboot.
Best,
Nick
-----Original Message-----
From: Quetta Walla [mailto:quetta_1@lycos.com]
Sent: Friday, February 24, 2006 8:55 AM
To: ccielab@groupstudy.com
Subject: HSRP and sw port-security
If router R1 and R2 are connected to ports f0/1 and f0/2 of sw respectively. R1 and R2 have HSRP enabled on these ports. Now the requirement is also to configure port-security on port f0/1 and port f0/2 of the switch which should accept only mac-addresses of these routers and can survive a reboot. Do not use bia command.
sw
int f0/1
sw mo access
sw access vlan 192
sw port-security
sw port-security max 2
maximum 2 is to accomodate the virtual mac-add used by HSRP.
Question is, should the mac-address of R1 be hard coded on f0/1 of sw and of R2's on f0/2 of sw. Then what about the virtual mac used by HSRP because 2 similar mac-add cannot be hardcoded on 2 ports of the same switch. This has to be done without using bia command.
Thanks
--
This archive was generated by hypermail 2.1.4 : Wed Mar 01 2006 - 11:28:18 GMT-3