Page 207

LAN Switch Configuration 183

Figure 4-26 provides a simple example to show the use of permanent and restricted-static
addresses. A popular server (Server 1) is on port E0/3, and there is never a case when its MAC
address should not be in the table. So, just in case the 1024 entries in the MAC address table
are filled, which causes the switch to flush and relearn the entries, the server will remain in the
table. The payroll server is also on this switch, and only the company comptroller is allowed
access. The configuration and resulting MAC address table are shown in Example 4-5, which
follows the figure.

Figure 4-26

MAC Address Table Manipulation--Sample Network

Another feature affecting the MAC address table is called port security. Port security is a feature
that, when enabled, limits the number of MAC addresses associated with a port in the MAC
address table. In other words, there is a preset limit to the number of sources that can forward
frames into that switch port.

Example 4-5

The MAC Address Table, with Dynamic, Permanent, and Restricted-Static entries

wg_sw_a(config)#mac-address-table permanent 0200.2222.2222 ethernet 0/3
wg_sw_a(config)#mac-address-table restricted static 0200.1111.1111 e0/4 e0/1
wg_sw_a(config)#End
wg_sw_a#
wg_sw_a#sh mac-address-table
Number of permanent addresses : 1
Number of restricted static addresses : 1
Number of dynamic addresses : 5

Address Dest Interface Type Source Interface List
----------------------------------------------------------------------
0200.4444.4444

Ethernet 0/1 Dynamic All

00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
0200.2222.2222 Ethernet 0/3 Permanent All
0200

1111.1111 Ethernet 0/4 Static Et0/1

00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All

Company
Comptroller

Payroll Server
0200.2222.2222

E0/1

E0/2

E0/3

E0/4

ch04.fm Page 183 Monday, March 20, 2000 5:02 PM