mac-address sticky question

jscimeca715

I'm currently studying for my CCENT test and had a question that I'm pretty sure I know the answer too, but I wanted to confirm it.

Are switchport port-security mac-address sticky and switchport port-security mac-address maximum # incompatible? Is the maximum command only designed for the switchport port-security mac-address 1234.5678.90ab variant?

Thanks guys!

Mrock4

You can use both simultaneously. The maximum command will let the port store up to that number..whereas "sticky" will specify that the port should learn and store the mac that is on the port. By default, the maximum is one mac.

jscimeca715

That's what I thought...I'll have to go back and check my configs then because for some reason it wouldn't register the mac address. So in real life, let's say the maximum was set to two and i remove the current ethernet card and install a new one. Does the show run command keep both or does it sticky the new one and delete the old? That would seem to contradict the need for the maximum command. Not saying you are wrong, just want to make sure I understand it.

Mrock4

It should keep both. It's hard to say why the sticky wasn't showing them before in your case, but if you have the max set, they should.

cisco_trooper

Agree with Mrock. I have maximum set to 2 on various interfaces for various reasons. I use sticky for everything and it has never caused a problem.

Mrock4

FWIW, if you were wondering why you'd need a MAC, a common reason for us, at least, is a user who is in and out of the office, and shares a line with someone else. We don't do this often, but it does happen.

jscimeca715

Thanks guys, this is good information. It was an issue with packet tracer that i figured out. The important thing is that I know the command set to set it so thanks again for the help.