Switching and Port Security

Post on 07-Jan-2017


GROUP MEMBERS

USMAN IMRAN/16237

ADNAN SAFDAR/17539

PRESENTATION OF

TELECOMMUNICATION SWITCHING

Port Security in Switching

WHAT IS A SWITCH?

• Device that forwards data from input/output ports towards its destination.

• Network hubs, home routers and network bridges are called switches.

• It does not need to be configured.

• Plug and play devices.

• Nodes are connected through links and differentiated by MAC addresses.

• Maintains a forwarding table that contains link numbers and MAC addresses.

• The table is cleared when the switch is off.

Switch


Ports

• Location on switch where devices are connected.

• Devices may be computers, printers, games etc.

• The number of ports varies between devices.

• Rectangular openings a bit bigger than a phone cord.

• Have a single port called an uplink (or WAN) port, but the rest are switch ports.

• A switch port allows connected devices to talk to each other in parallel.

Switch port Security

• Feature in switches to secure the network

• Limits the number of devices on switch ports

• Uses MAC addresses for limitations

Types of port security

• Port Security With Dynamic MAC Addresses

• Port Security With Static MAC Addresses

• Port Security With Sticky MAC Addresses

Port Security With Dynamic MAC Addresses

• Dynamically configures the secure MAC addresses of devices connected to the port.

• Addresses will be stored in the address table.

• Doesn’t forward traffic of unspecified devices.

• Addresses will be lost when the switchport goes down or the switch reboots.

Port Security With Static MAC Addresses

• Secure MAC addresses are statically configured on each switchport.

• Stored in the address table.

• Static configuration is stored by default in port security.

• The addresses can be made permanent by saving them to the startup configuration.

Port Security with Sticky MAC Addresses

• Sticky secure MAC addresses are a hybrid

• Dynamically learned from the devices connected to the switchport

• Addresses are put into the address table AND are entered into the running configuration as a static secure MAC address

• MAC addresses will be lost unless saved to the startup configuration

Violation

• A violation happens when a person breaks a law or does something that isn’t allowed.

TYPES

• Shutdown

• Protect

• Restrict

Shutdown

• Default switch port security mode

• Port will be taken out of service

• The port is put into the err-disabled state

• Must be manually removed from that state

Protect

• The switchport will permit traffic from known MAC addresses

• Drops traffic of unknown MAC addresses.

• No notification messages for violations

Restrict

• The switchport will permit traffic from known MAC addresses

• Drops traffic of unknown MAC addresses.

• Sends notification messages when a violation has occurred.

Causes of a Switchport Violation

Two situations cause a switchport violation:

• When the maximum number of secure MAC addresses has been added to the address table and traffic from an unknown MAC address is received on the switchport.

• When an address that has been seen on a secure switchport has already been seen on another secure switchport in the same VLAN.
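
The two violation causes and the three violation modes described above, modelled as an added Python example that is not part of the original presentation. The class names, port names and MAC addresses are constructed for illustration, and the model is a simplification of a real switch (no aging, no sticky or static entries).

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    name: str
    vlan: int
    maximum: int = 1            # maximum number of secure MAC addresses
    mode: str = "shutdown"      # "shutdown" (default), "protect" or "restrict"
    secure_macs: set = field(default_factory=set)
    err_disabled: bool = False
    notifications: list = field(default_factory=list)

class Switch:
    def __init__(self, *ports):
        self.ports = {p.name: p for p in ports}

    def receive(self, port_name, src_mac):
        """Return "forward" or "drop" for a frame from src_mac on port_name."""
        port = self.ports[port_name]
        if port.err_disabled:
            return "drop"                     # port is out of service
        if src_mac in port.secure_macs:
            return "forward"                  # known secure address
        # Cause 1: the table is full and the source address is unknown.
        table_full = len(port.secure_macs) >= port.maximum
        # Cause 2: the address is secured on another port in the same VLAN.
        elsewhere = any(src_mac in p.secure_macs and p.vlan == port.vlan
                        for p in self.ports.values() if p is not port)
        if table_full or elsewhere:
            if port.mode == "restrict":       # drop and notify
                port.notifications.append(f"{port.name}: violation by {src_mac}")
            elif port.mode == "shutdown":     # drop and take the port down
                port.err_disabled = True
            return "drop"                     # "protect" drops silently
        port.secure_macs.add(src_mac)         # dynamic learning
        return "forward"

    def recover(self, port_name):             # manual exit from err-disabled
        self.ports[port_name].err_disabled = False

def demo():
    # Constructed sample: three ports in VLAN 10, one per violation mode.
    sw = Switch(SecurePort("p1", 10), SecurePort("p2", 10, 2, "restrict"),
                SecurePort("p3", 10, 1, "protect"))
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    frames = [("p1", a), ("p2", b), ("p2", a), ("p3", c), ("p3", b),
              ("p1", c), ("p1", a)]
    return sw, [sw.receive(port, mac) for port, mac in frames]
```

In the sample run, the third frame is dropped on `p2` even though its table still has room, because the address is already secured on `p1` in the same VLAN. The last frame shows that a port in shutdown mode drops even its known address until `recover()` is called.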