Sticky MAC is not supported on HSL interfaces.Sticky MAC is not supported on untrusted interfaces.This ensures that after this initial period with the limit reached, new devices will not be allowed even if the Mobility Access Switch restarts.
![cisco mac address learning port security cisco mac address learning port security](http://2.bp.blogspot.com/_DZhhZp9of5I/TKMqFubmppI/AAAAAAAAC-k/GqCvJks4mT8/s1600/3-Vlan-Operation.png)
#Cisco mac address learning port security for mac#
The interface is secured because after the limit has been reached, additional devices cannot connect to the port.īy enabling Sticky MAC learning along with MAC limiting, interfaces can be allowed to learn MAC addresses of trusted workstations and servers during the period from when the interface are connected to the network until the limit for MAC addresses is reached. Sticky MAC with MAC limit prevents Layer 2 denial of service (DoS) attacks, overflow attacks on the Ethernet switching table, and DHCP starvation attacks by limiting the MAC addresses allowed while still allowing the interface to dynamically learn a specified number of MAC addresses. Sticky MAC prevents traffic losses for trusted workstations and servers because the interface does not have to relearn the addresses from ingress traffic after a restart.Įnable Sticky MAC in conjunction with MAC limit to restrict the number of MAC addresses learning. Allowing the port to continuously learn MAC addresses is a security risk. Sticky MAC is an alternative to the tedious and manual configuration of static MAC addresses on a port or to allow the port to continuously learn new MAC addresses after interface-down events. Sticky MAC is a port security feature that dynamically learns MAC addresses on an interface and retains the MAC information in case the Mobility Access Switch reboots.