On 07/21/2011 11:42 PM, Martin T wrote:
> Phil, Gabriel,
> one situation where this MAC counting does not work is when there is a
> virtual machine hypervisor connected to a switch port and virtual
> machines have NICs configured to bridge mode.

Well, you've got a database containing all of your kit and their MAC
addresses, right, so you can just exclude ports with VMs?
;o)

> IMHO counting MAC addresses in combination with checking incoming BPDU
> frames on a particular interface is probably the best option if CDP is
> not enabled.

What if the downstream switch doesn't have STP enabled?
Hell, what if the downstream switch doesn't have any other hosts on it
at the moment? There will only be 1 (or maybe 0) MACs on the port.

There's no perfect way to magically find unmanaged switches (managed
ones are not a problem, because they're managed!).

One approach that hasn't been mentioned is: just enable BPDU guard and
see what breaks. That's essentially how we handled it.

The switches are unmanaged, so presumably shouldn't be connected to the
network anyway, or should be managed, or you're dealing with a customer
handoff point, in which case liaise with the customer contact address.
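
The MAC-counting check discussed in this thread, as an added example that is not part of the original message: it counts learned MACs per port and skips ports known from inventory to carry many MACs. The table text is constructed sample data in the style of `show mac address-table` output, and the port names, exclusion list and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the style of Cisco IOS "show mac address-table" output.
SAMPLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4401    DYNAMIC     Gi0/1
  10    0011.2233.4402    DYNAMIC     Gi0/2
  10    0011.2233.4403    DYNAMIC     Gi0/2
  10    0011.2233.4404    DYNAMIC     Gi0/2
  20    0050.5600.0001    DYNAMIC     Gi0/3
  20    0050.5600.0002    DYNAMIC     Gi0/3
  20    0050.5600.0003    DYNAMIC     Gi0/3
  10    0011.2233.4405    DYNAMIC     Gi0/4
  10    aaaa.bbbb.cccc    STATIC      CPU
  10    0011.2233.4406    DYNAMIC     Gi0/24
  10    0011.2233.4407    DYNAMIC     Gi0/24
"""

# vlan, dotted-hex MAC, entry type, port
ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$",
    re.I,
)

def macs_per_port(text):
    """Map port -> set of dynamically learned MACs (a MAC seen in two VLANs counts once)."""
    ports = defaultdict(set)
    for line in text.splitlines():
        m = ROW.match(line)
        if m and m.group(3).upper() == "DYNAMIC":
            ports[m.group(4)].add(m.group(2).lower())
    return ports

def suspect_ports(text, exclude=(), threshold=1):
    """Ports with more than `threshold` learned MACs, minus inventory exclusions."""
    skip = set(exclude)
    return {port: sorted(macs) for port, macs in macs_per_port(text).items()
            if len(macs) > threshold and port not in skip}

if __name__ == "__main__":
    # Assumed inventory: Gi0/3 is a hypervisor with bridged VMs, Gi0/24 an uplink.
    for port, macs in suspect_ports(SAMPLE, exclude={"Gi0/3", "Gi0/24"}).items():
        print(port, len(macs), "MACs:", ", ".join(macs))
```

A port such as Gi0/4 in the sample, with a single learned MAC, is never flagged, which is the blind spot raised in the reply: an unmanaged switch with one host or none behind it looks the same as a directly attached host.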