- Posts: 47
- Thank you received: 0
Cisco Switches VLAN Multiple Issue, Calling all VLAN Experts
19 years 5 days ago #12179
by VINODM
Cheers,
VINOD M
CCNA
~If You Cant Beat Him Join Him~
: :
##########################################
Query 1 :
Most Switches are layer 2 and IP Address cannot be Assigned to Ports on the Switch,
then why are we able to assign IP address on Mangement port (vlan 1) ?
##########################################
Query 2 :
Switches Exchange BPDU Using Well Know MAC Addresses Like 0180.C200.0000
will the mac Address common in all switches ? :
##########################################
Query 3 :
What is the Diffrence between swichport port-security mac-address and
swichport port-security mac-address sticky. :
#########################################################################
Query 4 :
Switch : Cisco 2950 (24 Port Switch) and 3750 (24 Port)
Setting Common for both Switches.
Scenario :
4 VLAN (VLAN # 10, 20, 30 and 40)
VTP Config :
domain vinod mode server.
VLAN Config :
Port 1-5 (VLAN 10), Port 6-10 (VLAN 20), Port 11-15(VLAN 30),
Port 16-20 (VLAN 40) and port 24 (Trunk Port).
Allowed VLAN :
VLAN 20 on Trunk ports of both switches.
Issue
Computer 1 having mac-address : 0000.21d5.e445 connected to switch 2950 on port 6.
Computer 2 having mac-address : 00c0.26a2.3979 connected to switch 3750 on port 6.
port 6 on 2950 Switch
2950(config-if)#switchport port-security mac-address 0000.21d5.e445
2950(config-if)#switchport port-security violation blocking
port 6 on 3750 Switch
3750(config-if)#switchport port-security mac-address 00c0.26a2.3979
3750(config-if)#switchport port-security violation blocking
when I ping computer 2 IP from Computer 1 and Vise Versa, it ping Successfully.
and also it ping successfully even after swapping the ports on the switch ???!!! :shock:
Also tried assigning the command in global configuration mode, no go.
##########################################
##########################################
Query 1 :
Most Switches are layer 2 and IP Address cannot be Assigned to Ports on the Switch,
then why are we able to assign IP address on Mangement port (vlan 1) ?
##########################################
Query 2 :
Switches Exchange BPDU Using Well Know MAC Addresses Like 0180.C200.0000
will the mac Address common in all switches ? :
##########################################
Query 3 :
What is the Diffrence between swichport port-security mac-address and
swichport port-security mac-address sticky. :
#########################################################################
Query 4 :
Switch : Cisco 2950 (24 Port Switch) and 3750 (24 Port)
Setting Common for both Switches.
Scenario :
4 VLAN (VLAN # 10, 20, 30 and 40)
VTP Config :
domain vinod mode server.
VLAN Config :
Port 1-5 (VLAN 10), Port 6-10 (VLAN 20), Port 11-15(VLAN 30),
Port 16-20 (VLAN 40) and port 24 (Trunk Port).
Allowed VLAN :
VLAN 20 on Trunk ports of both switches.
Issue
Computer 1 having mac-address : 0000.21d5.e445 connected to switch 2950 on port 6.
Computer 2 having mac-address : 00c0.26a2.3979 connected to switch 3750 on port 6.
port 6 on 2950 Switch
2950(config-if)#switchport port-security mac-address 0000.21d5.e445
2950(config-if)#switchport port-security violation blocking
port 6 on 3750 Switch
3750(config-if)#switchport port-security mac-address 00c0.26a2.3979
3750(config-if)#switchport port-security violation blocking
when I ping computer 2 IP from Computer 1 and Vise Versa, it ping Successfully.
and also it ping successfully even after swapping the ports on the switch ???!!! :shock:
Also tried assigning the command in global configuration mode, no go.
##########################################
Cheers,
VINOD M
CCNA
~If You Cant Beat Him Join Him~
- naughtypaul
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 0
19 years 4 days ago #12200
by naughtypaul
Thanks
NaughtyPaul
Replied by naughtypaul on topic Reg. VLAN
For Query 1
~~~~~~~
IP address for a Layer 2 Switch can be assined only to the default VLAN (VLAN 1). The Ultimate goal behind assigning IP address to VLAN1 of a switch is to remotely control / configure the switch..
For Query 2
~~~~~~~~
The Mac Address 0180.C200.0000 is a multicast MAC address and is the Destination Mac Address in the BPDU( Bridge Protocol Data Unit). The Source Mac Address of any BPDU will be the supervisory mac Address.
For Query 3
~~~~~~~~
Please refer to this site.... I am not very confident with the answer
>>>> www.cisco.com/en/US/products/hw/switches...9186a00802c30af.html
For Query 4
~~~~~~~~
Port Security is actually destined to create a Table of Valid / Secure mac Address
" 2950(config-if)#switchport port-security violation blocking "
The above command configures the switch to block Mac Address other then the one you have specified.... In the case of your scenerio, change the Mac address to something different like ....
2950(config-if)#switchport port-security mac-address 0000.21d5.e400
ad then try to ping ... it will Timed out.
~~~~~~~
IP address for a Layer 2 Switch can be assined only to the default VLAN (VLAN 1). The Ultimate goal behind assigning IP address to VLAN1 of a switch is to remotely control / configure the switch..
For Query 2
~~~~~~~~
The Mac Address 0180.C200.0000 is a multicast MAC address and is the Destination Mac Address in the BPDU( Bridge Protocol Data Unit). The Source Mac Address of any BPDU will be the supervisory mac Address.
For Query 3
~~~~~~~~
Please refer to this site.... I am not very confident with the answer
>>>> www.cisco.com/en/US/products/hw/switches...9186a00802c30af.html
For Query 4
~~~~~~~~
Port Security is actually destined to create a Table of Valid / Secure mac Address
" 2950(config-if)#switchport port-security violation blocking "
The above command configures the switch to block Mac Address other then the one you have specified.... In the case of your scenerio, change the Mac address to something different like ....
2950(config-if)#switchport port-security mac-address 0000.21d5.e400
ad then try to ping ... it will Timed out.
Thanks
NaughtyPaul
Time to create page: 0.116 seconds