Switching

 View Only
last person joined: 3 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  MAC Limit of 1

    Posted 09-06-2012 14:09

    On our cisco switches we will normally set a mac limit of 1 on access ports for end users unless they are voip ports and then we set it for 2.

     

    We are trying to do the same thing on our Juniper switches but I came across this:

    http://www.juniper.net/techpubs/en_US/junos12.1/topics/task/configuration/port-security-mac-limiting-cli.html

    which states never use a mac limit of 1.

     

    How can we lock down a port to a single mac?

     



  • 2.  RE: MAC Limit of 1
    Best Answer

    Posted 09-06-2012 23:19
    Hi,

    If you're talking about a port, then limiting the number of MACs to 1 is supported and it works fine.

    IMO. the documentation should be corrected to reflect that it's not advisable to limit the number of MACs in a VLAN or LAG to 1 (for the reasons mentioned on the page).

    cheers,
    ankit
    #etherchannel
    #limit
    #LAG
    #MACmove


  • 3.  RE: MAC Limit of 1

    Posted 09-06-2012 23:24
    just provided this feedback to the doc owner. Will let you know if this can be modified. IF not, then will let you know the reason 🙂

    cheers,
    ankit


  • 4.  RE: MAC Limit of 1

    Posted 02-26-2013 05:54
    the document has been fixed with this addition:

    "If the VLAN is composed of regular access or trunk interfaces, you can set the mac-limit to 1 if you choose to do so."

    Link:
    http://www.juniper.net/techpubs/en_US/junos12.3/topics/task/configuration/port-security-mac-limiting-cli.html

    Thanks for pointing this out and helping us improve the page.

    Cheers,
    ankit