-----------Port Security--------------------- Switch1(config-if)#int fa0/10 Switch1(config-if)#switchport port-security Switch1#show port-security -> see defaults Switch1(config-if)#switchport port-security maximum 2 Switch1(config-if)#switchport port-security mac-address 0090.212D.C2E1 Switch1(config-if)#switchport port-security violation restrict Switch1#show port-security Switch1#show port-security address Switch1#show port-security interface fa0/10 Ping from PC2 to Server2 -> it works Ping from PC to Server2 -> it works Switch1#show port-security Switch1#show port-security address Power on Laptop Ping from Laptop to Server2 -> it does not work Switch1#show port-security -> see SecurityViolation Count Switch1(config-if)#switchport port-security violation shutdown Ping from Laptop to Server2 -> it does not work, the link is closed Switch1#show int fa0/10 -> err-disabled Switch1(config-if)#no shut -> the interface is still down Switch1(config-if)#shut Switch1(config-if)#no shut -> interface is up Switch1(config-if)#switchport port-security maximum 3 Switch1(config-if)#switchport port-security mac-address sticky Ping from Laptop to Server2 Switch1#show port-security address -> the address was learned sticky Switch1#show run --------------------------------------- ------------STP------------------------ Switch1(config)#spanning-tree portfast default Switch1#show spanning-tree summary Switch1#show spanning-tree interface fa0/10 portfast Switch1(config)#int fa0/12 Switch1(config-if)#spanning-tree bpduguard enable We attach Switch5 to the Switch 1 on fa0/12 -> interface is disabled by bpduguard Switch1(config)#int fa0/12 Switch1(config-if)#spanning-tree bpduguard disable Switch1(config-if)#shut Switch1(config-if)#no shut Switch1(config-if)#spanning-tree guard root Switch5(config)#spanning-tree vlan 1 root primary Switch5#show spanning-tree -> root bridge Switch2#show spanning-tree -> root bridge In simulation mode -> play -> STP packets from Switch5 are dropped by Switch1 Both Switch 1 and Switch 5 consider themselves root bridge ------------------------------------------------ -----------Storm Control------------------------ Switch1(config)#int fa0/20 Switch1(config-if)#storm-control broadcast level 10 Send from Server1 a broadcast packet to 192.168.0.255 periodically 0.001 sec (OTHER) Simulation mode -> when it reaches 10% broadcast packets are blocked by Switch1 Switch1#show storm-control broadcast ------------------------------------------------