Port Security violation after eaps and arp-flush

  • Problem
  • Updated 2 years ago
  • Solved
This concerns a point-to-point connection over an EAPS ring. We have created a VMAN on the ring and added the port untagged to the VMAN.
The customer has a Cisco on his side with "switchport port-security maximum 1" defined.
Now if the ring is broken, EAPS sends an arp-flush, and at the same time the port on the Cisco/customer side goes down because of more than 1 MAC :-/
Could someone explain to me the right setting on the customer / untagged port side so that the customer doesn't get more than 1 MAC address out of the port when the ring is broken or complete?



Pa Trick


Posted 2 years ago


Senguttuvan, Arun, Employee

When an EAPS failover happens, packets get flooded until the FDBs are relearnt. If you don't want flooding to happen on a specific port, you could use the feature to disable unknown unicast flooding on the port. The command is as follows:

disable flooding [all_cast | broadcast | multicast | unicast] ports [port_list | all]

Please read the command reference guide for more details about this command. 
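
The mechanism described in this answer, as an added example that is not part of the original thread: a toy learning switch in Python showing why an FDB flush puts extra source MACs on the customer port, and how suppressing unknown-unicast flooding on that port prevents it. The port names, the MAC labels, the transit stations T1/T2 sharing the VMAN, and the modelling of `disable flooding` as an egress filter are assumptions.

```python
# Toy learning switch (added illustration, not ExtremeXOS or Cisco code).
# Port names and MAC labels are constructed sample values.
CUST, PEER, T1, T2 = "mac-cust", "mac-peer", "mac-t1", "mac-t2"

class Switch:
    def __init__(self, ports, no_unicast_flood=()):
        self.ports = set(ports)
        # Assumption: "disable flooding unicast" acts as an egress filter.
        self.no_unicast_flood = set(no_unicast_flood)
        self.fdb = {}  # learned MAC -> port

    def forward(self, in_port, src, dst):
        """Learn src, return the egress ports for one unicast frame."""
        self.fdb[src] = in_port
        if dst in self.fdb:
            out = {self.fdb[dst]}
        else:  # unknown unicast is flooded where flooding is allowed
            out = self.ports - self.no_unicast_flood
        return out - {in_port}

def seen_on_customer_port(sw, frames):
    """Source MACs delivered to port 'cust': what port security counts."""
    return {src for in_port, src, dst in frames
            if "cust" in sw.forward(in_port, src, dst)}

def simulate(no_unicast_flood=()):
    sw = Switch(["ring-a", "ring-b", "cust"], no_unicast_flood)
    warmup = [("cust", CUST, PEER), ("ring-b", T2, T1), ("ring-a", T1, T2)]
    traffic = [("ring-a", PEER, CUST), ("ring-a", T1, T2), ("ring-b", T2, T1)]
    for frame in warmup + traffic:        # let the FDB converge, uncounted
        sw.forward(*frame)
    steady = seen_on_customer_port(sw, traffic)
    sw.fdb.clear()                        # FDB flush on ring failover
    after_flush = seen_on_customer_port(sw, traffic)
    sw.fdb.clear()
    sw.forward("cust", CUST, PEER)        # customer talks first, is relearnt
    relearnt = seen_on_customer_port(sw, traffic)
    return steady, after_flush, relearnt

if __name__ == "__main__":
    cases = (("flooding enabled", ()),
             ("unicast flooding disabled on cust", ("cust",)))
    for label, ports in cases:
        steady, after_flush, relearnt = simulate(ports)
        print(f"{label}: steady={sorted(steady)} "
              f"after_flush={sorted(after_flush)} relearnt={sorted(relearnt)}")
```

With flooding disabled on the customer port, nothing is delivered to it after the flush until the switch relearns the customer's MAC from a frame the customer sends.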

Pa Trick

Thank you Arun and Mathews. This solves the problem.