OL-11615-01
VLANs. If you specify the shutdown keyword and the configuration is a port/VLAN combination, the
violation action error-disables the port. If you specify the warning keyword, the system displays a
system message when the high threshold is exceeded:
Console> (enable) set cam monitor high-threshold value [action {no-learn | shutdown | warning}] {mod/port | {mod/port vlan} | vlan}
Step 5 Optionally, specify the polling interval for monitoring using the set cam monitor interval command.
MAC address monitoring is supported in software. If there are a large number of MAC addresses in the
CAM table and a large number of configured interfaces (ports, VLANs, or port-VLANs), the CPU usage
might go up. The load on the CPU can be reduced by lengthening the software polling interval using the
set cam monitor interval command. By default, the polling interval is set to 5 seconds. It can be changed
to any value between 5 and 30 seconds:
Console> (enable) set cam monitor interval time_s
This example illustrates how to enable MAC address monitoring globally and how to activate the
monitoring of MAC addresses on a specific port (4/3). A low threshold is configured for the first 10,000
MAC addresses learned in the CAM table, and the system is set to generate a system message when the
low threshold is exceeded. A high threshold is configured to 20,000 MAC addresses, and the system is
set to shut down the port when this threshold is exceeded.
Console> (enable) set cam monitor enable
Cam monitor enabled
Console> (enable) set cam monitor enable 4/3
Successfully enabled cam monitor on 4/3
Console> (enable) set cam monitor low-threshold 10000 action warning 4/3
Successfully configured cam monitor on 4/3
Console> (enable) set cam monitor high-threshold 20000 action shutdown 4/3
Successfully configured cam monitor on 4/3
Console> (enable)
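The thresholds configured above can be replayed against a constructed series of learned-MAC counts to see when each action fires and how the polling interval delays it. This is an added illustration, not Cisco code: the CamMonitor class, the replay helper, the sample counts, and the choice to report only threshold transitions are assumptions.

```python
from dataclasses import dataclass, field

ACTIONS = ("no-learn", "shutdown", "warning")  # keywords from the command syntax

@dataclass
class CamMonitor:
    """Simplified model of threshold checks on one monitored port (not Cisco code)."""
    low: int
    low_action: str
    high: int
    high_action: str
    interval_s: int = 5              # default polling interval per the text
    port_up: bool = True
    level: str = "ok"                # ok | low | high
    events: list = field(default_factory=list)

    def __post_init__(self):
        if not 5 <= self.interval_s <= 30:
            raise ValueError("polling interval must be between 5 and 30 seconds")
        for action in (self.low_action, self.high_action):
            if action not in ACTIONS:
                raise ValueError(f"unknown action: {action}")

    def poll(self, t: int, mac_count: int) -> None:
        """Evaluate one software poll of the learned-MAC count."""
        if not self.port_up:
            return                   # error-disabled port: nothing left to evaluate
        if mac_count > self.high:
            level, action = "high", self.high_action
        elif mac_count > self.low:
            level, action = "low", self.low_action
        else:
            level, action = "ok", None
        if level != self.level and action:   # assumption: report transitions only
            self.events.append((t, level, action, mac_count))
        self.level = level
        if action == "shutdown":
            self.port_up = False

def replay(monitor: CamMonitor, counts: list) -> list:
    """Feed one count per polling interval and return the triggered actions."""
    for i, count in enumerate(counts):
        monitor.poll(i * monitor.interval_s, count)
    return monitor.events

# Constructed sample: learned-MAC counts on port 4/3 while the table is flooded.
FLOOD = [800, 950, 9800, 10400, 15200, 19900, 20600, 31000]

if __name__ == "__main__":
    mon = CamMonitor(low=10000, low_action="warning", high=20000, high_action="shutdown")
    for event in replay(mon, FLOOD):
        print(event)
```

With the default 5-second interval the warning fires at t=15 and the shutdown at t=30; at a 30-second interval the same counts are seen at t=90 and t=180, which is the detection delay paid for the lower CPU load.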
For more information on how to configure MAC address monitoring on Catalyst 6500 running Catalyst
OS, refer to the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_5/confg_gd/sec_port.htm#wp1033648
Configuring MAC Address Monitoring in Cisco IOS
MAC address monitoring in Cisco IOS allows the definition of a single upper (maximum) threshold. In
addition, the number of MAC addresses learned can be monitored only on a per-port or per-VLAN basis,
and not per-port-per-VLAN.
By default, MAC address monitoring is disabled in Cisco IOS. However, the maximum threshold for all
ports and VLANs is configured to 500 MAC address entries, and when the threshold is exceeded the
system is set to generate a system message along with a syslog trap. These default values take effect only
when MAC address monitoring is enabled.
Note: MAC address monitoring is supported on Catalyst 6500 Series switches with Supervisor Engine 2 and
Supervisor Engine 720. At this time, this feature is not supported on Catalyst 6500 Series switches
equipped with Supervisor Engine 32.