Ch 9 - Configuring Switch Interfaces Flashcards
Chapter 9
PC hard coded at 10/half pevents 10/100/1000 switch from negotiating.
10/half
What does the action Restrict do?
- discards offending traffic
- sends log and snmp trap
- increments violation counter
What is the IEEE standard for auto-negotiation?
802.3u
PC hard coded at 100/full and 10/100/1000 switch can’t negotiate
100/half
What does the action Shutdown do?
- discards offending traffic
- sends log and snmp trap
- increments violation counter
- err-disables the port.
By default how many MAC addresses will a switchport allow with port-security enabled?
1
PC hard coded at 1000/full prevents 10/100/1000 switch from negotiating.
1000/full
If a switchport with port security configured for 2 different MAC addresses receives traffic from a 3rd MAC what will it do?
Port security violation has occurred. By default the interface is err-disabled.
If sticky secure MAC addresses option is configured where does the switch save the MAC addresses it discovers?
Running-config, NOT startup-config
Steps in configuring port security
- switchport mode access
- switchport port-security
- switchport port-security maximum
- switchport port-security violation
- switchport port-security mac-address
- or switchport port-security mac-address sticky
What are the 3 actions a switch can take upon detecting a violation on a port?
Protect, Restrict, Shutdown
What does the action Protect do?
Discards offending traffic. Nothing more.
How does Cisco perform auto-negotiation?
Attempt to sense the speed else use slowest supported speed, If speed is 10 or 100 use half duplex, if speed is 1000 use full duplex.
According to IEEE what rules apply when a device tries negotiating speed and duplex but hears no reply?
Use slowest supported speed and if 10 or 100 use half duplex. If speed is 1000 use full duplex.
Does auto-negotiation traffic use Ethernet?
No, it’s out of band.
