
CCNA question

sutahz

I was wondering if someone could explain the following command:
Switch(config-if)#switchport port-security mac-address sticky

Thanks in advance.
 
It places the current dynamic MAC address learned on the interface into the allowed MAC address list for the port.
 
So using sticky, is that the most recent four or just the first 4? How does sticky work as opposed to:
Switch(config-if)#switchport port-security max <#>
which if I understand correctly records the first 4 and that is its list.
 
Sticky is only for the current from what I recall, but I don't use port security a whole lot.

max #

Sets the max number of MAC addresses allowed.
 
Originally posted by: sutahz
So using sticky, is that the most recent four or just the first 4? How does sticky work as opposed to:
Switch(config-if)#switchport port-security max <#>
which if I understand correctly records the first 4 and that is its list.

The difference is that sticky permanently remembers those MAC addresses by actually adding them to the switch configuration. With regular dynamic port security, the MACs never get put in the config and the secure MAC list will be cleared out if carrier goes down on the port, or if you configure port-security aging.

Basically dynamic port security is useful if you only care about the maximum number of MACs on a port (this is good protection against MAC flooding attacks), whereas using sticky or hardcoding a MAC list means you care specifically about what devices can plug into that port.
 
Sticky makes the first MAC address that it learns for that port "stick". It adds the MAC address to the running-config. You should see the learned MAC address using the show run command.
 
Ok so just to be extra sure as you all state:
sticky is basically, as per my example, the first 4 MACs that 'get in' are the ones that can access the network
as for Switch(config-if)#switchport port-security max <#>
as long as no more than 4 devices are trying to connect the switch's port security is happy.
I'm self studying for CCNA so I have no teacher to consult.
I'm using AT for more than OT 🙂
 
Originally posted by: sutahz
Ok so just to be extra sure as you all state:
sticky is basically, as per my example, the first 4 MACs that 'get in' are the ones that can access the network
as for Switch(config-if)#switchport port-security max <#>
as long as no more than 4 devices are trying to connect the switch's port security is happy.
I'm self studying for CCNA so I have no teacher to consult.
I'm using AT for more than OT 🙂

Google works wonders on Cisco material. In fact, the Cisco website actually has lots of info on things if you poke around... or Google and take the Cisco link.
 
For others - any command you ever wanted to understand for Cisco IOS can be found by going to http://www.cisco.com and putting "command reference" for your version. Their site is second to none in terms of documentation.

Reading their reference manuals will also learn you something. In other words, RTFM.
 
I have to say, their textbooks are very well written. I start underlining to take notes later on and often find myself underlining *a lot* because they do such a thorough job of describing/explaining things.
 
Originally posted by: xSauronx
I have to say, their textbooks are very well written. I start underlining to take notes later on and often find myself underlining *a lot* because they do such a thorough job of describing/explaining things.

I'm only a Cisco bigot because of their documentation. I'm not kidding when I say I have 20+ Cisco Press books in my library.

You know...books. The things you read with pages.
 
I did Google this before asking the question here. Yes, Google did bring me to a cisco.com page, but I still had questions. I'm very sure the information they presented was well laid out and precise for those that know the information. I however have this question (still) and thought to turn to a forum w/ those of technical knowledge to help me along. Thank you for your help so far, I guess I'm on my own+Google hell or high water.
 
Originally posted by: sutahz
I did Google this before asking the question here. Yes, Google did bring me to a cisco.com page, but I still had questions. I'm very sure the information they presented was well laid out and precise for those that know the information. I however have this question (still) and thought to turn to a forum w/ those of technical knowledge to help me along. Thank you for your help so far, I guess I'm on my own+Google hell or high water.

Sorry, I wasn't trying to say don't ask questions, I love explaining this stuff to people.

I was saying Cisco's documentation is really good.
 