Cisco Switch feature or not ?

Discussion in 'Cisco' started by bensonlei@yahoo.com.hk, May 18, 2011.

  1. Guest

    Hi,
    Just heard that, all switch ports of a cisco switch are locked up/shut
    down/disabled triggered by uplink port (trunk mode or access mode )
    issue ? I do not know what feature called ?

    Anybody can tell me about this feature, or it is Cisco proprietary
    feature ?

    Thanks a lot.
    , May 18, 2011
    #1
    1. Advertising

  2. "" <> writes:
    >Just heard that, all switch ports of a cisco switch are locked up/shut
    >down/disabled triggered by uplink port (trunk mode or access mode )
    >issue ? I do not know what feature called ?


    >Anybody can tell me about this feature, or it is Cisco proprietary
    >feature ?


    Perhaps you are thinking of BPDUguard?
    Doug McIntyre, May 18, 2011
    #2
    1. Advertising

  3. Guest

    On 5月18æ—¥, 下åˆ1時33分, Doug McIntyre <> wrote:
    > "" <> writes:
    > >Just heard that, all switch ports of a cisco switch are locked up/shut
    > >down/disabled triggered by uplink port (trunk mode or access mode )
    > >issue ? I do not know what feature called ?
    > >Anybody can tell me about this feature, or it is Cisco proprietary
    > >feature ?

    >
    > Perhaps you are thinking of BPDUguard?


    Thanks for the reminder.

    Once I though that, but it is none of Root Guard, BPDU Guard, Loop
    Guard nor UDLD Guard, any other Guard I did not mention ?
    , May 18, 2011
    #3
  4. alexd Guest

    Meanwhile, at the comp.dcom.sys.cisco Job Justification Hearings,
    chose the tried and tested strategy of:

    > Once I though that, but it is none of Root Guard, BPDU Guard, Loop
    > Guard nor UDLD Guard, any other Guard I did not mention ?


    You forgot Coldstream Guard.

    --
    <http://ale.cx/> (AIM:troffasky) ()
    19:31:22 up 11 days, 23:30, 6 users, load average: 0.04, 0.16, 0.19
    "People believe any quote they read on the internet
    if it fits their preconceived notions." - Martin Luther King
    alexd, May 18, 2011
    #4
  5. flamer Guest

    On May 18, 3:14 pm, "" <>
    wrote:
    > Hi,
    > Just heard that, all switch ports of a cisco switch are locked up/shut
    > down/disabled triggered by uplink port (trunk mode or access mode )
    > issue ? I do not know what feature called ?
    >
    > Anybody can tell me about this feature, or it is Cisco proprietary
    > feature ?
    >
    > Thanks a lot.


    maybe these options?

    switchport port-security maximum {max # of MAC addresses allowed}: You
    can use this option to allow more than the default number of MAC
    addresses, which is one. For example, if you had a 12-port hub
    connected to this switch port, you would want to allow 12 MAC addresses
    —one for each device. The maximum number of secure MAC addresses per
    port is 132.


    switchport port-security violation {shutdown | restrict | protect}:
    This command tells the switch what to do when the number of MAC
    addresses on the port has exceeded the maximum. The default is to shut
    down the port. However, you can also choose to alert the network
    administrator (i.e., restrict) or only allow traffic from the secure
    port and drop packets from other MAC addresses (i.e., protect).


    switchport port-security mac-address {MAC address}: You can use this
    option to manually define the MAC address allowed for this port rather
    than letting the port dynamically determine the MAC address
    flamer , May 19, 2011
    #5
  6. Guest

    On 5月19æ—¥, 上åˆ7時20分, "flamer "
    <> wrote:
    > On May 18, 3:14 pm, "" <>
    > wrote:
    >
    > > Hi,
    > > Just heard that, all switch ports of a cisco switch are locked up/shut
    > > down/disabled triggered by uplink port (trunk mode or access mode )
    > > issue ? I do not know what feature called ?

    >
    > > Anybody can tell me about this feature, or it is Cisco proprietary
    > > feature ?

    >
    > > Thanks a lot.

    >
    > maybe these options?
    >
    > switchport port-security maximum {max # of MAC addresses allowed}: You
    > can use this option to allow more than the default number of MAC
    > addresses, which is one. For example, if you had a 12-port hub
    > connected to this switch port, you would want to allow 12 MAC addresses
    > —one for each device. The maximum number of secure MAC addresses per
    > port is 132.
    >
    > switchport port-security violation {shutdown | restrict | protect}:
    > This command tells the switch what to do when the number of MAC
    > addresses on the port has exceeded the maximum. The default is to shut
    > down the port. However, you can also choose to alert the network
    > administrator (i.e., restrict) or only allow traffic from the secure
    > port and drop packets from other MAC addresses (i.e., protect).
    >
    > switchport port-security mac-address {MAC address}: You can use this
    > option to manually define the MAC address allowed for this port rather
    > than letting the port dynamically determine the MAC address


    Thanks so much for your suggestion.

    I shall check about the coldstream Guard.

    Meanwhile, I do not think Port-security is the solution.
    Its operation is to cause switch port to shut down/disabled whenever
    extra MAC address violates the granted security rules.
    Cheers
    , May 19, 2011
    #6
  7. Guest

    On 5月19æ—¥, 上åˆ9時34分, "" <>
    wrote:
    > On 5月19æ—¥, 上åˆ7時20分, "flamer "
    >
    >
    >
    >
    >
    > <> wrote:
    > > On May 18, 3:14 pm, "" <>
    > > wrote:

    >
    > > > Hi,
    > > > Just heard that, all switch ports of a cisco switch are locked up/shut
    > > > down/disabled triggered by uplink port (trunk mode or access mode )
    > > > issue ? I do not know what feature called ?

    >
    > > > Anybody can tell me about this feature, or it is Cisco proprietary
    > > > feature ?

    >
    > > > Thanks a lot.

    >
    > > maybe these options?

    >
    > > switchport port-security maximum {max # of MAC addresses allowed}: You
    > > can use this option to allow more than the default number of MAC
    > > addresses, which is one. For example, if you had a 12-port hub
    > > connected to this switch port, you would want to allow 12 MAC addresses
    > > —one for each device. The maximum number of secure MAC addresses per
    > > port is 132.

    >
    > > switchport port-security violation {shutdown | restrict | protect}:
    > > This command tells the switch what to do when the number of MAC
    > > addresses on the port has exceeded the maximum. The default is to shut
    > > down the port. However, you can also choose to alert the network
    > > administrator (i.e., restrict) or only allow traffic from the secure
    > > port and drop packets from other MAC addresses (i.e., protect).

    >
    > > switchport port-security mac-address {MAC address}: You can use this
    > > option to manually define the MAC address allowed for this port rather
    > > than letting the port dynamically determine the MAC address

    >
    > Thanks so much for your suggestion.
    >
    > I shall check about the coldstream Guard.
    >
    > Meanwhile, I do not think Port-security is the solution.
    > Its operation is to cause switch port to shut down/disabled whenever
    > extra MAC address violates the granted security rules.
    > Cheers- éš±è—被引用文字 -
    >
    > - 顯示被引用文字 -


    coldstream guard seems not related to network world !
    , May 19, 2011
    #7
  8. Guest

    On 5¤ë25¤é, ¤W¤È2®É48¤À, "Martin Bilgrav" <>
    wrote:
    > <> wrote in message
    >
    > news:...
    >
    > > Hi,
    > > Just heard that, all switch ports of a cisco switch are locked up/shut
    > > down/disabled triggered by uplink port (trunk mode or access mode )
    > > issue ? I do not know what feature called ?

    >
    > > Anybody can tell me about this feature, or it is Cisco proprietary
    > > feature ?

    >
    > The command you are looking for is called "Link state group 1
    > upstream/downstream"
    > It is a interface command.
    > Look into the Catalyst command ref:http://tinyurl.com/3guf57a
    > Feature is called Link-State tracking
    >
    > > Thanks a lot.

    >
    > np
    > Regards
    > Martin
    >
    >
    >
    > - ÁôÂóQ¤Þ¥Î¤å¦r -
    >
    > - Åã¥Ü³Q¤Þ¥Î¤å¦r -


    Hi, Martin,

    Thanks so much for your help. I shall check if the feature is
    fit....but it should be a great help.

    BTW, we found the EEM feature may also be helpful.

    Cheers
    , May 26, 2011
    #8
  9. Guest

    On 5¤ë26¤é, ¤U¤È3®É40¤À, "" <>
    wrote:
    > On 5¤ë25¤é, ¤W¤È2®É48¤À, "Martin Bilgrav" <>
    > wrote:
    >
    >
    >
    >
    >
    > > <> wrote in message

    >
    > >news:....

    >
    > > > Hi,
    > > > Just heard that, all switch ports of a cisco switch are locked up/shut
    > > > down/disabled triggered by uplink port (trunk mode or access mode )
    > > > issue ? I do not know what feature called ?

    >
    > > > Anybody can tell me about this feature, or it is Cisco proprietary
    > > > feature ?

    >
    > > The command you are looking for is called "Link state group 1
    > > upstream/downstream"
    > > It is a interface command.
    > > Look into the Catalyst command ref:http://tinyurl.com/3guf57a
    > > Feature is called Link-State tracking

    >
    > > > Thanks a lot.

    >
    > > np
    > > Regards
    > > Martin

    >
    > > - ÁôÂóQ¤Þ¥Î¤å¦r -

    >
    > > - Åã¥Ü³Q¤Þ¥Î¤å¦r -

    >
    > Hi, Martin,
    >
    > Thanks so much for your help. I shall check if the feature is
    > fit....but it should be a great help.
    >
    > BTW, we found the EEM feature may also be helpful.
    >
    > Cheers- ÁôÂóQ¤Þ¥Î¤å¦r -
    >
    > - Åã¥Ü³Q¤Þ¥Î¤å¦r -


    Verified....this is the tool !

    Cheers
    , May 27, 2011
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Erez Tourjeman
    Replies:
    1
    Views:
    1,193
  2. Replies:
    3
    Views:
    6,262
    conft
    Jan 19, 2008
  3. mohitbakre
    Replies:
    3
    Views:
    1,133
    www.BradReese.Com
    Dec 10, 2006
  4. a
    Replies:
    5
    Views:
    2,353
    mprasad079
    Dec 23, 2012
  5. Sandra28
    Replies:
    2
    Views:
    469
Loading...

Share This Page