MAC address notification enables you to track users on a network by storing the MAC address activity on the switch. Whenever the switch learns or removes a MAC address, an SNMP notification can be generated and sent to the NMS. If you have many users coming and going from the network, you can set a trap interval time to bundle the notification traps and reduce network traffic. The MAC notification history table stores the MAC address activity for each hardware port for which the trap is enabled. MAC address notifications are generated for dynamic and secure MAC addresses; events are not generated for self addresses, multicast addresses, or other static addresses.
Beginning in privileged EXEC mode, follow these steps to configure the switch to send MAC address notification traps to an NMS host:
| |
Command
|
Purpose
|
|
Step 1
|
configure terminal
|
Enter global configuration mode.
|
|
Step 2
|
snmp-server host host-addr {traps | informs} {version {1 | 2c | 3}} community-string notification-type
|
Specify the recipient of the trap message.
• For host-addr, specify the name or address of the NMS.
•Specify traps (the default) to send SNMP traps to the host. Specify informs to send SNMP informs to the host.
•Specify the SNMP version to support. Version 1, the default, is not available with informs.
•For community-string, specify the string to send with the notification operation. Though you can set this string by using the snmp-server host command, we recommend that you define this string by using the snmp-server community command before using the snmp-server host command.
•For notification-type, use the mac-notification keyword.
|
|
Step 3
|
snmp-server enable traps mac-notification
|
Enable the switch to send MAC address traps to the NMS.
|
|
Step 4
|
mac address-table notification
|
Enable the MAC address notification feature.
|
|
Step 5
|
mac address-table notification [interval value] | [history-size value]
|
Enter the trap interval time and the history table size.
•(Optional) For interval value, specify the notification trap interval in seconds between each set of traps that are generated to the NMS. The range is 0 to 2147483647 seconds; the default is 1 second.
•(Optional) For history-size value, specify the maximum number of entries in the MAC notification history table. The range is 0 to 500; the default is 1.
|
|
Step 6
|
interface interface-id
|
Enter interface configuration mode, and specify the Layer 2 interface on which to enable the SNMP MAC address notification trap.
|
|
Step 7
|
snmp trap mac-notification {added | removed}
|
Enable the MAC address notification trap.
•Enable the MAC notification trap whenever a MAC address is added on this interface.
•Enable the MAC notification trap whenever a MAC address is removed from this interface.
|
|
Step 8
|
end
|
Return to privileged EXEC mode.
|
|
Step 9
|
show mac address-table notification interface
show running-config
|
Verify your entries.
|
|
Step 10
|
copy running-config startup-config
|
(Optional) Save your entries in the configuration file.
|
To disable the switch from sending MAC address notification traps, use the no snmp-server enable traps mac-notification global configuration command. To disable the MAC address notification traps on a specific interface, use the no snmp trap mac-notification {added | removed} interface configuration command. To disable the MAC address notification feature, use the no mac address-table notification global configuration command.
This example shows how to specify 172.20.10.10 as the NMS, enable the switch to send MAC address notification traps to the NMS, enable the MAC address notification feature, set the interval time to 60 seconds, set the history-size to 100 entries, and enable traps whenever a MAC address is added on the specified port.
Switch(config)# snmp-server host 172.20.10.10 traps private
Switch(config)# snmp-server enable traps mac-notification
Switch(config)# mac address-table notification
Switch(config)# mac address-table notification interval 60
Switch(config)# mac address-table notification history-size 100
Switch(config)# interface fastethernet0/4
Switch(config-if)# snmp trap mac-notification added
You can verify the previous commands by entering the show mac address-table notification interface and the show mac address-table notification privileged EXEC commands.
Tweet This
Share on Facebook
Digg This
Save to delicious
Stumble it
RSS Feed
