GEMCC

MAC Addresses bleeding (for lack of a better term) between Cisco 2950 ports

Hello,

I have an Asus router on port 33 and a Netgear switch on 35 with the following configs:

int fa0/33
description ROUTER
switch access vlan 128
switchport mode access
switchport port-security
switchport port-security aging time 60
switchport port-security aging type inactivity
switchport port-security max 7
switchport port-security mac-address sticky

int fa0/35
description SWITCH
switch access vlan 128
switchport mode access
switchport port-security
switchport port-security aging time 60
switchport port-security aging type inactivity
switchport port-security max 16
switchport port-security mac-address sticky


Port 35 randomly is disabled.  If I do a SHUT/NO SHUT, it will stay on for a while then disable again.

On the router attached to 33, I have the modem attached to it and nothing else other than the connection going to the 2950, but SH MAC-ADDRESS-TABLE shows 7 MAC addresses.  Why?

On the switch attached to 35, I have a total of 3 devices attached to the 16-port Netgear switch.

A MAC address which is on port 33 keeps shutting down port 35.

I am sure I am doing something wrong here, but what?

Please advise.

Have a great day,

Don
Don Johnston

A diagram might help...

On the router attached to 33, I have the modem attached to it and nothing else other than the connection going to the 2950, but SH MAC-ADDRESS-TABLE shows 7 MAC addresses.

How is the router configured?  If all the ports of the router are layer 3 ports, then you should never see any MAC address on port 33 other than the router's.

On the switch attached to 35, I have a total of 3 devices attached to the 16-port Netgear switch.

A MAC address which is on port 33 keeps shutting down port 35.
It would seem there is a connection between the router (or 2950 switch) and the Netgear switch.  Maybe not a direct physical link, but a connection nonetheless. Perhaps there are some wireless connections?
GEMCC

ASKER

Hello,

No, the router is not Layer 3.

The router is wireless and there is an AP attached to the Netgear switch.  Should I up the switchport port-security max from 7 to 8 on port 33 (the one the router is attached)?

Thanks for your help.

Don
Should I up the switchport port-security max from 7 to 8 on port 33 (the one the router is attached)?
No.  You need to find and eliminate the loop. Otherwise you'll keep chasing the symptom.

You're going to have to figure out how to stop traffic from passing between the wireless part of the router and the AP on the Netgear switch.
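
An added example, not part of the thread and not any participant's code: port security raises a violation when a MAC already secured on one port appears on another secure port in the same VLAN, which matches the symptom described (a MAC from port 33 disabling port 35). The Python below correlates constructed `show port-security address` output with constructed violation log lines to separate that case from a port that is simply full; the sample MACs and the helper names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `show port-security address` output (not from the thread).
SECURE_TABLE = """\
Vlan    Mac Address       Type                Ports   Remaining Age
----    -----------       ----                -----   -------------
 128    0011.2233.4401    SecureSticky        Fa0/33       -
 128    0011.2233.4402    SecureSticky        Fa0/33       -
 128    0011.2233.4410    SecureSticky        Fa0/35       -
"""

# Constructed syslog lines in the PSECURE_VIOLATION message format.
SYSLOG = """\
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.2233.4402 on port FastEthernet0/35.
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.2233.4499 on port FastEthernet0/33.
"""

ROW = re.compile(r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)", re.I | re.M)
VIOLATION = re.compile(r"PSECURE_VIOLATION:.*?MAC address ([0-9a-f.]{14}) on port (\S+?)\.?$", re.I | re.M)

def short_port(name):
    """Normalise 'FastEthernet0/35' and 'Fa0/35' to 'fa0/35'."""
    m = re.match(r"([A-Za-z]{2})[A-Za-z]*(\d.*)", name)
    return (m.group(1) + m.group(2)).lower() if m else name.lower()

def secure_owners(table):
    """Map each secured MAC to the set of ports that hold it."""
    owners = defaultdict(set)
    for _vlan, mac, _type, port in ROW.findall(table):
        owners[mac.lower()].add(short_port(port))
    return owners

def classify(table, syslog):
    """Label each violation: MAC secured on another port, or port at its maximum."""
    owners = secure_owners(table)
    out = []
    for mac, port in VIOLATION.findall(syslog):
        port = short_port(port)
        elsewhere = sorted(owners.get(mac.lower(), set()) - {port})
        # Not secured anywhere else: the violating port had no free secure slot.
        kind = "mac-move" if elsewhere else "over-limit"
        out.append((mac.lower(), port, kind, elsewhere))
    return out

if __name__ == "__main__":
    for mac, port, kind, elsewhere in classify(SECURE_TABLE, SYSLOG):
        print(f"{mac} violated {port}: {kind} {elsewhere}")
```

A `mac-move` result points at a path between the two ports (here, a wireless client seen behind both the router and the AP), while `over-limit` points at the `max` value on the violating port.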

ASKER

Can you give me a hint as to what to do?
What brand/model router and AP?

ASKER

Router Asus RT-AC66U
AP Netgear WN802T v2

Thanks for your help.

Don
Hard to say for sure because I'm not familiar with those boxes.

It might be worthwhile to confirm that this is indeed the problem. Can you shut down the AP and see if the problem stops?

How far apart is the AP from the wireless router?

Did you set these up? Because usually getting APs to move data between themselves requires a bit of configuration.
ASKER CERTIFIED SOLUTION
Predrag Jovic
This solution is only available to members.

ASKER

OK, so this is what I did.  I completely disconnected and turned off the AP.  Now the port that the router is attached to randomly gets disabled.

Needless to say, the ports are error-disabled and want them to be

I'm stumped.
What I want to say with using protect instead of shutdown is - as long as you are testing your config and it is not fully operational maybe it is better to go with protect ... I guess your customer needs network access while you try to figure out what to do next, and solve this puzzle. :)
Network will be at least partially functional.

ASKER

Fixed the problem