Feature interactions when Eavesdrop Prevention is disabled

The following table explains the various interactions between learning modes and Eavesdrop Prevention when Eavesdrop Prevention is disabled.

NOTE:

When the learning mode is "port-access", Eavesdrop Prevention will not be applied to the port. However, it can still be configured or disabled for the port.

Learn – Effect

Learn mode

Effect

Static

When Eavesdrop Prevention is disabled, the port transmits packets that have unknown destination addresses. The port is secured and only a limited number of static MAC addresses are learned. A device must generate traffic before the MAC address is learned and traffic is forwarded to it.

Continuous

The default. The Eavesdrop Prevention option does not apply because port security is disabled. Ports forward traffic with unknown destination addresses normally.

Port-access

Disabling Eavesdrop Prevention is not applied to the port. There is no change.

Limited-continuous

When Eavesdrop Prevention is disabled, the port transmits packets that have unknown destination addresses. The port is secured; MAC addresses age normally. Eavesdrop Prevention may cause difficulties in learning MAC addresses (as with static MAC addresses) and cause serious traffic issues when a MAC ages out.

Configured

When Eavesdrop Prevention is disabled, the port transmits packets that have unknown destination addresses. The port is secured by a static MAC address. Eavesdrop Prevention should not cause any issues because all valid MAC addresses have been configured.

Syntax:


port-security <port-list> eavesdrop-prevention
no port-security <port-list> eavesdrop-prevention

When this option is enabled, the port is prevented from transmitting packets that have unknown destination addresses. Only devices attached to the port receive packets intended for them. This option does not apply to a learning mode of port-access or continuous. Default: Enabled

The show port-security command displaying Eavesdrop Prevention

switch(config)# show port-security

 Port Security

  Port   Learn Mode    | Action           Eavesdrop Prevention
  ------ ------------- + ---------------- --------------------
  1      Continuous    | None             Enabled
  2      Continuous    | None             Enabled
  3      Continuous    | None             Enabled
  4      Continuous    | None             Enabled
  5      Continuous    | None             Enabled