After removing the offending MAC address the switch port link goes down. wheremacaddressis the MAC address that you want to delete. Sticky MAC is new feature included in AOS version 7.3.0.0 Any version below 7.3.0.0 does not have this feature.Įnvironment: All the sample outputs in this article are from Aruba S2500 Mobility Access Switch running AOS version 7.3.0.0. To delete a static MAC address: Run the command: Router(config-if) no switchport port-security mac-address sticky macaddress. Sticky MAC is disabled by default and its not supported on untrusted interfaces, Also once a MAC address is learned on one interface, it will not be learned on any other interface in the same VLAN. When the MAC limit is enabled, it provides support to log the excess MACs or drop the new MAC learning requests or shuts down the port.īy enabling Sticky MAC learning along with MAC limiting, interfaces can be allowed to learn MAC addresses of trusted workstations and servers during the period from when the interface are connected to the network until the limit for MAC addresses is reached. The MAC limit feature restricts the maximum number of MACs that can be learnt on the interface. Sticky MAC is a port security feature that dynamically learns MAC addresses on an interface and retains the MAC information in case the Mobility Access Switch reboots.
once the limit has been reached, additional devices cannot connect to the port. Sticky MAC with MAC limit prevents Layer 2 attacks like DoS attacks, Ethernet switching table overflow attacks, and DHCP starvation attacks by limiting the MAC addresses allowed while still allowing the interface to dynamically learn a specified number of MAC addresses.
0 kommentar(er)
