[Cisco] Sticky vs non sticky port security problem on 2950switches

Rob Bernard RBernard at groupwise.swin.edu.au
Wed May 10 12:48:24 EST 2006 

Dear Kevork

I discussed your case with Verghese (our LMC).  I had a personel pet
theory that might account for this trouble (which we also see in our
2950 Switches, with, from memory, a newer IOS).

One thing that you have not mentioned is if there is a difference in
the version number of the BIOS in your 2 Switches.

If that is not causative, then I suggest that  it is possible that at
some stage of the production of the switches a hardware change was made
in the port hardware, and that the IOS either auto-detects the
difference in capabilities, or just plain mis-operates (depending on
your point of view).

The switch motherbaord is probably interchangeable in all other
repects, and perhaps is even being inter-mingled during service to
existing devices.

No doubt the upgrade in capability would have been planned for some
time, and appropriate software implemented to make it happen; but
without a change in model number, how could you tell the old boards from
the new (even in the production areas)?

If this is the case, then you would expect that gradually the
customer-base would fill-up with compliant switches, and eventually the
feature could be advertised as possible for that line.  However, the
reverse may also be the case, if an I.C. manufacturer started supplying
I.C.s that look and test the same in every other manner but this, and
the difference was not being picked-up during testing.  (This would not
be a feature that is likely to be high on the list of testing
priorities).

These hypotheses can be tested, specifically by you who has 2 splendid
units that are behaving quite differently with the identical IOS in
each.  All you would have to do is to 'lift the lid' and look for
differences in the key I.C.s, such as part-numbers, hardware changes,
manufacturer changes, etc.

(No doubt the real reason will eventually be found to be a memory
buffer malfunction causing an effect like hardware performance.  Such is
life for the speculators).  Good luck with your investigation - I would
love to hear what the final outcome is.

Regards      - Rob B.


Rob Bernard
Elec. Dept. 
Room W291 (TAFE-Wantirna)
Swinburne Uni (Mail #W27)
c/o P.O. Box 218
Hawthorn, Vic.  3122
Ph.  61 (03) 9214 8464

>>> kevork at edulists.com.au 05/06/06 10:31 am >>>
Hi Jim and David,

   Thanks for your replies.
Whatever is causing the problem is presenting a very interesting
challenge 
!!

Best Wishes


Kevork Krozian
Mailing List Creator and Administrator
kevork at edulists.com.au 
www.edulists.com.au 
Tel: 0419 356 034
----- Original Message ----- 
From: "Jim Bunn" <bunn.jim.c at edumail.vic.gov.au>
To: "'Cisco Teachers' Mailing List'" <cisco at edulists.com.au>
Sent: Friday, May 05, 2006 2:43 PM
Subject: RE: [Cisco] Sticky vs non sticky port security problem on 
2950switches


> Hi Kevork,
>
> Our 2950 switches are running the enhanced image and the students
who
> attempted the lab had no problems with it.
>
> Cheers,
> Jim
>
> Jim Bunn
> CCNA CCAI
> Technology Coordinator
> Hampton Park Secondary College
> Victoria  Australia
> 8795 9400
>
> bunn.jim.c at edumail.vic.gov.au 
>
> -----Original Message-----
> From: cisco-bounces at edulists.com.au
[mailto:cisco-bounces at edulists.com.au] 
> On Behalf Of Kevork Krozian
> Sent: Friday, 5 May 2006 12:47 PM
> To: cisco at edulists.com.au 
> Subject: [Cisco] Sticky vs non sticky port security problem on 2950 
> switches
>
> Hi Friends,
>
>    Semester 3, Module 6 lab 6.2.5 requires port security to be
configured.
> Specifically , Item 9b requires the following 3 commands:
>      (i) switchport mode access
>      (ii) switchport port-security
>      (iii) switchport port-security mac-address sticky
>
>    Now this last command works on one of our 2950 switches and not
the
> other.
> At first I thought the issues might be the IOS version. So,
investigating
> the IOS on each the results were:
>
>    1)  The sticky (works on switch) had IOS ver
c2950-i6q4l2-mz.121-6.EA2c
> and the
>    2) Non sticky ( does not work on switch ) had IOS ver
> c2950-i6q4l2-mz.121-22.EA2
>
>   On a first observation the working one is 121-6 and the non working
one
> is 121-22. So it seemed what appeared a newer version was not
working. Not
> deterred, I got the students to save the non-working switch's IOS to
a 
> tftp
> server and copied in the working version onto the switch.  After
reloading 
> ,
> it still did not work after confirming the updated IOS was in fact
running
> on the switch.
>
> So, do any of my expert colleagues out there have any ideas ???
>
> Best Wishes
>
>
>
> Kevork Krozian
> IT Manager , Forest Hill College
> k.krozian at fhc.vic.edu.au 
> http://www.fhc.vic.edu.au 
> Mobile: 0419 356 034
>
>
> _______________________________________________
> cisco mailing list
> cisco at edulists.com.au 
> http://www.edulists.com.au/mailman/listinfo/cisco 
>
>
>
>
> Important -
> This email and any attachments may be confidential. If received in
error, 
> please contact us and delete all copies. Before opening or using 
> attachments check them for viruses and defects. Regardless of any
loss, 
> damage or consequence, whether caused by the negligence of the sender
or 
> not, resulting directly or indirectly from the use of any attached
files 
> our liability is limited to resupplying any affected attachments. Any

> representations or opinions expressed are those of the individual
sender, 
> and not necessarily those of the Department of Education & Training.
>
> _______________________________________________
> cisco mailing list
> cisco at edulists.com.au 
> http://www.edulists.com.au/mailman/listinfo/cisco 
> 

_______________________________________________
cisco mailing list
cisco at edulists.com.au 
http://www.edulists.com.au/mailman/listinfo/cisco

Education is only the beginning.
Let's get on with it.

Swinburne University of Technology
CRICOS Provider Code: 00111D

NOTICE
This e-mail and any attachments are confidential and intended only for the use of the addressee. They may contain information that is privileged or protected by copyright. If you are not the intended recipient, any dissemination, distribution, printing, copying or use is strictly prohibited. The University does not warrant that this e-mail and any attachments are secure and there is also a risk that it may be corrupted in transmission. It is your responsibility to check any attachments for viruses or defects before opening them. If you have received this transmission in error, please contact us on +61 3 9214 8000 and delete it immediately from your system. We do not accept liability in connection with computer virus, data corruption, delay, interruption, unauthorised access or unauthorised amendment.

Please consider the environment before printing this email.

More information about the cisco mailing list