Hi Jose, > I have packetfence installed in a lab, with a 3560 cisco switch. > I use mac-detection and uplik, and it works, but very slow. > When I connect a PC to the switch, the cisco switch port goes up but taking a > lot of time, the PC tries to get an ip from dhcp, and after a timeout, it > finally gets the ip and works. > After that, I register the pc, and the same problem. the port goes down, and > up, and it recalculates, etc... > > But, if I activate portfast, the port goes up inmediately, the PC gets an ip > by DHCP inmediately, and after logging on, the port goes down and up so fast, > that the PC does not renegotiate the ip, and the process does not continue. > The Packerfence change the vlan to the vlan mac-registration, but it does not > change the vlan to the normal vlan again and the PC has an ip from the > mac-detection vlan (quite caotic). So, it does not work when I activate the > portfast, and if I deactivate it, the process is very very slow (it takes 3 > minutes). > > Any idea?
First you should consider Jake's comment on using port-security instead of MAC-detection. It is a lot more reliable and scales better. Regarding portfast coming back too fast, in conf/pf.conf under [vlan] add a bounce_duration parameter with something like 10s (defaults to 4s). This sets to delay between the shut and the no shut on the port. You can perform the change through the admin also. A restart is required afterward. -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
