Switching and Port Security
GROUP MEMBERS
USMAN IMRAN/16237
ADNAN SAFDAR/17539
PRESENTATION OF
TELECOMMUNICATION SWITCHING
Port Security in Switching
WHAT IS A SWITCH?
• Device that forwards data from input/output ports towards its destination.
• Network hubs, home routers and network bridges are called switches.
• It does not need to be configured.
• Plug and play devices.
• Nodes are connected through links and differentiated by MAC addresses.
• Maintains a forwarding table that contains link numbers and MAC addresses.
• The table is cleared when the switch is off.
Ports
• Location on the switch where devices are connected.
• Devices may be computers, printers, games, etc.
• The number of ports varies from device to device.
• Rectangular openings a bit bigger than a phone cord.
• Have a single port called an uplink (or WAN) port; the rest are switch ports.
• A switch port allows connected devices to talk to each other in parallel.
Switch Port Security
• Feature in switches to secure the network.
• Limits the number of devices on switch ports.
• Uses MAC addresses for the limitation.
Types of port security
• Port Security With Dynamic MAC Addresses
• Port Security With Static MAC Addresses
• Port Security With Sticky MAC Addresses
Port Security With Dynamic MAC Addresses
• Secure MAC addresses of devices connected to the port are configured dynamically.
• Addresses are stored in the address table.
• Traffic from unspecified devices is not forwarded.
• Addresses are lost when the switchport goes down or the switch reboots.
Port Security With Static MAC Addresses
• Secure MAC addresses are statically configured on each switchport.
• Stored in the address table.
• Static configuration is stored by default in port security.
• The address table can be made permanent by saving it to the startup configuration.
Port Security With Sticky MAC Addresses
• Sticky secure MAC addresses are a hybrid.
• Dynamically learned from the devices connected to the switchport.
• Addresses are put into the address table AND are entered into the running configuration as static secure MAC addresses.
• MAC addresses will be lost unless saved to the startup configuration.
Violation
• A violation happens when a person breaks a law or does something that isn’t allowed.
TYPES
• Shutdown
• Protect
• Restrict
Shutdown
• Default switch port security mode
• The port will be taken out of service.
• errDisable mode will be activated.
• The port must be manually removed from this state.
Protect
• The switchport will permit traffic from known MAC addresses.
• Drops traffic from unknown MAC addresses.
• No notification messages are sent for the violation.
Restrict
• The switchport will permit traffic from known MAC addresses.
• Drops traffic from unknown MAC addresses.
• Sends notification messages that a violation occurred.
Causes of a Switchport Violation
Two situations cause a switch port violation:
• When the maximum number of secure MAC addresses has been added to the address table and traffic from an unknown MAC address is received on the switchport.
• When an address that has been seen on a secure switchport has already been seen on another secure switchport in the same VLAN.
• When an address that has been seen on a secure switchport has already been seen on another secure switchport in the same VLAN.
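Added example (not part of the original slides, and not vendor code): a small Python model of the two violation causes and the three violation modes described above. The class names, port names and MAC addresses are constructed for illustration, and the model sends a notification only in Restrict mode, as the slides state.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:                      # hypothetical model, not vendor code
    name: str
    vlan: int
    maximum: int = 1                   # max secure MAC addresses on this port
    mode: str = "shutdown"             # "shutdown" (default), "protect" or "restrict"
    secure_macs: set = field(default_factory=set)
    err_disabled: bool = False
    notifications: list = field(default_factory=list)

class Switch:
    def __init__(self, ports):
        self.ports = {p.name: p for p in ports}

    def receive(self, port_name, src_mac):
        """Return True if the frame is permitted, False if it is dropped."""
        port = self.ports[port_name]
        if port.err_disabled:
            return False               # out of service until manually recovered
        if src_mac in port.secure_macs:
            return True                # known address: always permitted
        # Cause 1: address table is full and the source MAC is unknown.
        table_full = len(port.secure_macs) >= port.maximum
        # Cause 2: address already secured on another port in the same VLAN.
        seen_elsewhere = any(src_mac in p.secure_macs
                             for p in self.ports.values()
                             if p is not port and p.vlan == port.vlan)
        if not (table_full or seen_elsewhere):
            port.secure_macs.add(src_mac)   # dynamic learning
            return True
        if port.mode == "restrict":
            port.notifications.append(f"violation on {port.name} from {src_mac}")
        elif port.mode == "shutdown":
            port.err_disabled = True
        return False                   # "protect" drops with no notification

def demo():
    # Constructed port names and MAC addresses.
    sw = Switch([SecurePort("p1", 10, maximum=2, mode="restrict"),
                 SecurePort("p2", 10), SecurePort("p3", 20, mode="protect")])
    a, b, c = "00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:03"
    results = [sw.receive("p1", a), sw.receive("p1", b), sw.receive("p1", c),
               sw.receive("p2", a),      # a is secured on p1, same VLAN
               sw.receive("p3", a), sw.receive("p3", c)]
    return sw, results
```

In the demo, port p2 ends up err-disabled because its first frame carries an address already secured on p1 in the same VLAN, while p3 in a different VLAN learns the same address without a violation.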