You are the network administrator of a small Layer 2 network with 50 users. Lately, users have
been complaining that the network is very slow. While troubleshooting, you notice that the CAM
table of your switch is full, although it supports up to 12, 000 MAC addresses. How can you solve
this issue and prevent it from happening in the future?
A.
Upgrade the switches
B.
Configure BPDU guard
C.
Configure VLAN access lists
D.
Configure port security
E.
Configure Dynamic ARP inspection
Explanation:
Enabling Port Security
Port security is either autoconfigured or enabled manually by specifying a MAC address. If a MAC
address is not specified, the source address from the incoming traffic is autoconfigured and
secured, up to the maximum number of MAC addresses allowed. These autoconfigured MACaddresses remain secured for a time, depending upon the aging timer set. The autoconfigured
MAC addresses are cleared from the port in case of a link-down event.
When you enable port security on a port, any dynamic CAM entries that are associated with the
port are cleared. If there are any currently configured static or permanent CAM entrie on that same
port, you may not be able to enable the port-security on that port. If this is the case, clear the
configured static and permanent earl entries on that port and then enable port-security.
To enable port security, perform this task in privileged mode:http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.2glx/configuration/guide/sec_port.ht
ml