And also what is the command to see the present mac-table expire threshold time. So even if the host relocate or so, after 5 minutes (default), the record in mac address table is flushed and if a frame with such destination mac address arives, it is broadcasted throughout the network - and hopefully learned on a different port.Īnd also what is the default time (I guess 300 seconds). Well, to avoid this scenario, we have the aging time for each of the mapping. So if some other hosts tries to communicate with that relocated host or server, switch simply sends all the data to this black hole - it thinks, the host is still there, he is maybe just inactive or busy at the moment or doesn't need to respond at all. Some switches may be unable to relearn this address on different port simply because the hosts are not communicating through them anymore, but they still have an entry in mac address table stating, that this mac address resides on that port of the switch (which is not true anymore). Or even if hosts move from port to port / device. It can happen when you relocate a server to a different port or different device on the same LAN.
To age out inactive (and maybe invalid) entries.
#Cisco mac address table default filtering how to#
Refer to article How to configure port security on Cisco Catalyst switches that run Cisco IOS system software for details about how to configure port security on Cisco Catalyst switches that run Cisco IOS system software.Can someone please let me what is the purpose of mac table expire timer ? Refer to article How to configure port security on Cisco Catalyst switches running CatOS for details about how to configure port security on Cisco Catalyst switches running CatOS.
In Cisco Catalyst 2900XL/3900XL switches, issue the port security command to set the maximum number of secure addresses that this port can support.
The upper limit of 3,000 guarantees one MAC address per port and an additional 3,000 across all ports in the system. The available options are defined as follows: Prevent Prevents devices with the MAC addresses listed in the MAC Address Table from accessing the wireless network. In the Connection Control field, choose the radio button corresponding to the type of access you want to the wireless network. The default can be changed to any value between 1 and 3,000. In the Wireless MAC Filter field, check the Enable check box to enable MAC Filtering for the selected SSID. A secure port has a default of one MAC address.