cancel
Showing results for 
Search instead for 
Did you mean: 

is there a way to see/log MAC address table activity and history?

jerry_ku
New Contributor
I use Brocade ICX 6450 switches and sometimes my end-users will unplug devices, move them to different ports and so on

 

it would be helpful to have a log of port and MAC address activity/changes. Is it possible?
3 REPLIES 3

andrew_giancol1
Contributor III
we chased this rabbit a few weeks ago. use 802.1x or NAC to control and log.
https://www.ruckuswireless.com/products/software-and-saas/cloudpath
I edited this and added Ruckus's security offering.

BenBeck
Moderator
Moderator
You could use the mac-movement notification feature:

http://docs.ruckuswireless.com/fastiron/08.0.30/fastiron-08030-l2guide/GUID-252D70AC-FAF4-4E27-A39B-...
Ben Beck, RCNA, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

jijo_panangat
Contributor III
Hello Jerry,

Here is a sample config and its output.


The following example enables notification of MAC address moves and sends an SNMP trap when any MAC address moves to a different port five times in a 10-second interval.

CX6430-24 Switch(config)#mac-movement notification threshold-rate 5 sampling-interval 10

ICX6430-24 Switch(config)#show notification mac-movement threshold-rate 

Threshold-Rate Mac Movement Notification is ENABLED

Configured Threshold-Rate : 5 moves

Configured Sampling-Interval : 10 seconds

Number of entries in the notification table : 0

MAC-Address    from-Port    to-Port           Last Move-Time   Vlan-id
-------------- ---------    -------           --------------   -------