Community discussions

 
User avatar
cwachs
newbie
Topic Author
Posts: 33
Joined: Tue Apr 29, 2014 5:55 am

MAC port lock reset?

Sun Sep 22, 2019 5:17 am

We are using CSS326's in a MDU scenario. I'd like to use the "lock on first" feature to keep an apartment from grabbing more than 1 IP address. I have a couple of questions on this.

Do I need to check BOTH "lock on first" and "port lock" for this to be active? What exactly does just "port lock" do?

Is there a way to auto reset the lock? Say a resident buys a new router and plugs it in. It sounds like it won't work without a support call to reset the port lock. Id rather have ut reset every hour or so to keep support calls down. That would be long enough to keep someone from plugging a switch in or a bridged AP but short enough to allow actual device swaps to work.
 
User avatar
AnRkey
Member Candidate
Member Candidate
Posts: 119
Joined: Tue Sep 15, 2009 6:01 pm

Re: MAC port lock reset?

Mon Oct 07, 2019 2:41 pm

Did you ever figure this out? I can have it lock to first mac too, that works, but not reset after layer1 resets. (Should it not reset after layer1 is reset?)
MTCNA
 
EdPa
MikroTik Support
MikroTik Support
Posts: 28
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: MAC port lock reset?

Wed Oct 09, 2019 4:52 pm

For CRS3xx and CSS326, the port lock will restrict MAC address learning (a static host addresses should be configured). You can allow the switch to learn the first frame it receives, this requires both options enabled. Learning of the first MAC address will reset every time an interface status changes.

See the the SwOS forwarding manual, it is slightly updated.
 
blingblouw
Member Candidate
Member Candidate
Posts: 271
Joined: Wed Aug 25, 2010 9:43 am

Re: MAC port lock reset?

Wed Oct 09, 2019 5:10 pm

So you are saying you restrict learning to a mac but if someone unplugs a device and puts a new one in it just learns the new mac? What would be the point of such a feature?
 
User avatar
AnRkey
Member Candidate
Member Candidate
Posts: 119
Joined: Tue Sep 15, 2009 6:01 pm

Re: MAC port lock reset?

Wed Oct 09, 2019 5:24 pm

So you are saying you restrict learning to a mac but if someone unplugs a device and puts a new one in it just learns the new mac? What would be the point of such a feature?
Its stops more than one host from being able to use a switch port. In other words, no adding a switch to your network and expanding it without your permission ;-)
MTCNA
 
dmitris
newbie
Posts: 42
Joined: Mon Oct 09, 2017 1:08 pm

Re: MAC port lock reset?

Wed Oct 09, 2019 5:25 pm

For CRS3xx and CSS326, the port lock will restrict MAC address learning (a static host addresses should be configured). You can allow the switch to learn the first frame it receives, this requires both options enabled. Learning of the first MAC address will reset every time an interface status changes.

See the the SwOS forwarding manual, it is slightly updated.
Is it possible to use port lock functionality on CRS3xx with ROS installed on it or port lock works only with SwOS?
 
blingblouw
Member Candidate
Member Candidate
Posts: 271
Joined: Wed Aug 25, 2010 9:43 am

Re: MAC port lock reset?

Wed Oct 09, 2019 6:31 pm

So you are saying you restrict learning to a mac but if someone unplugs a device and puts a new one in it just learns the new mac? What would be the point of such a feature?
Its stops more than one host from being able to use a switch port. In other words, no adding a switch to your network and expanding it without your permission ;-)
OK sure, thats fine, but you can do that with limiting the amount of hosts learnt. "lock on first" would presume to learn the first MAC the switch sees and nothing else, without clearing it. I get in the OP case that's not what he wants but in our case it would be great.

Who is online

Users browsing this forum: No registered users and 1 guest