![why disable mac address learning why disable mac address learning](https://blog.eldernode.com/wp-content/uploads/2020/08/How-to-change-the-MAC-address-in-Windows-2.png)
Credits earned at another educational institution may not be accepted by Vanderbilt University Medical Center. As a result, no mac addresses can be learned on that interface.Credits earned at Vanderbilt University Medical Center may not transfer to another educational institution. Just to give you a little insight to the problem I am having (in case you can help me!) when I configure the command switchport port-security maximum 1 command I do not receive any errors but the command does not show in my running config. So since the “bad macs” are never added they never need to be removed.Īlso from what I am reading in the Cisco article below the command Errdiable recovery interval 300 is very similar to the Switchport port-security aging time 10 command. The new mac address that caused the issue is not even added to the table. From what I understand the way port security works is that mac addresses can be learned dynamically or statically depending on how the interface is configured, then once the limit of mac addresses is met or a mac address that has not been defined is seen on the interface the configured violation mode occurs. I also don’t believe that this command removes any mac addresses from the CAM table. This indicated to me that the switchport port-security againg time 10 command recovers the port from being in the err-dsiabled state. Make sure you don’t forget to enable automatic recovery with the errdisable recovery cause psecure-violation command." Make sure you solve the problem though because otherwise it will just have another violation and end up in err-disable state again. After 10 minutes it will automatically recover from err-disable state. You can change the aging time from 0 to whatever value you like with the switchport port-security aging time command. Switch(config-if) #switchport port-security aging time 10
![why disable mac address learning why disable mac address learning](https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/36084023671/original/FoIhH94Tf__44jpu0ruxVCIeitMf0C3tIA.jpg)
Switch(config) #errdisable recovery cause psecure-violation " It might be easier if the interface could recover itself after a certain time:
WHY DISABLE MAC ADDRESS LEARNING PC
You are correct the switch will not forward data out of the interface it received it on, but this does not prevent the arp process from occurring on either PC because the ARP request and reply happen on the hub (yes the switch gets copies of the data and floods it but in this situation it has zero to do with the arp process) Now the switch has two mac addresses in its cam table associated with one interface. The switch then puts PC 2 information in the cam table and floods the data out of all ports except the one it had arrived on. Since these PCs are on a hub the arp reply is also sent to the switch. Then it replies to PC 1 with its mac address information and PC 1 assigns similar info in its ARP cache. PC 2 sees the ARP request and associates PC 1s mac to PC 1s ip address in the ARP cache. The switch forwards this data out all of its ports except the port the data came from. The switch checks the source mac address and assigns that interface to that mac address in the cam table. The data will be forwarded out of all the ports hitting the switch and the PC. PC 1 will send a broadcast asking all clients what is the mac address associated with X ip address.
![why disable mac address learning why disable mac address learning](https://benisnous.com/wp-content/uploads/2020/09/MAC-Address-Filtering-CompTIA-Network-N10-005-51.jpg)
Lets say PC 1 is trying to ping PC 2 but, PC 1 has an empty arp cache (assume the same for PC2 and the switch) Next we must understand how ARP works and how a switch learns mac addresses. If it receives data it flood that data out of every port. Just to make sure I understand correctly you have two client PCs connected to a hub the hub is then connected to a switch.įirst we must understand that a hub is a layer 1 device.