Port Security Sticky Question

Hi All,

I wanted to confirm something that left me questioning myself today. I was studying with someone who got their CCNA and they said if sticky is configured to dynamically learn say, 3 mac addresses, when the PC is shut down, that mac address is released by the switch freeing up 1 of the 3 dynamically learned addresses. I think this is false but I wanted to confirm that there is NO release of mac addresses in dynamically learned mac addresses when a cable is unplugged or a PC is shut down, I would think that would defeat the purpose of port security.

Thanks in advance!!

Find more posts tagged with

Comments

Vask3n

You are correct, there is no "forgetting" of sticky MAC addresses in that sense.

The device will simply greenlight the first x devices that connect, where x is the sticky number (in this case, 3). Whether or not these devices are always on is irrelevant.

cisco_kidd20

Excellent, thank you for the confirmation!

_Gonzalo_

Sorry, but that is not correct.

Sticky addresses are saved in running config, so if you reboot and have not saved your configuration, those MACs would be lost. Find CISCO´s confirmation on this link:

Catalyst 6500 Release 12.2SX Software Configuration Guide - Port Security [Cisco Catalyst 6500 Series Switches] - Cisco

tecnodog7

Aren't we assuming though than once someone is configured their device they are going to save their config?

And if that is that case, aren't all the config are erased on a startup no?

mweaver84

tecnodog7 wrote: »

Aren't we assuming though than once someone is configured their device they are going to save their config?

And if that is that case, aren't all the config are erased on a startup no?

That is true but he just wondering happened to the learned mac addresses when a computer on the switch gets shut down or unplugged though. Not what happens when a switch gets shut down or rebooted.

_Gonzalo_

mweaver84 wrote: »

That is true but he just wondering happened to the learned mac addresses when a computer on the switch gets shut down or unplugged though. Not what happens when a switch gets shut down or rebooted.

Hehehe
You´re right, I misread it... Obviously, hosts do not play any role in what a switch saves or does not save.

cisco_kidd20

OK interesting, I learned something new, but it brings up another question.

Scnerio:

I set up a brand new network in an office. I am told by my boss that no other host is to be plugged into each network port in each cubical, so I configure sticky on the switch ports to shut down if another device is plugged in. I have 40 desktop hosts, and I turn them all on, the switch learns all the MAC addresses in it's running config. The next step would be to copy run start if I don't want to lose the learned MACs?

mweaver84

cisco_kidd20 wrote: »

OK interesting, I learned something new, but it brings up another question.

Scnerio:

I set up a brand new network in an office. I am told by my boss that no other host is to be plugged into each network port in each cubical, so I configure sticky on the switch ports to shut down if another device is plugged in. I have 40 desktop hosts, and I turn them all on, the switch learns all the MAC addresses in it's running config. The next step would be to copy run start if I don't want to lose the learned MACs?

Yep, if you don't save the config and switch restarts, those previous MAC addresses will be lost.