Port security commands, Port security, Table 4-30 – Alcatel Carrier Internetworking Solutions OmniStack 6300-24 User Manual
Page 287
Authentication Commands
4-75
4
Port Security Commands
These commands can be used to disable the learning function or manually specify
secure addresses for a port. You may want to leave port security off for an initial
training period (i.e., enable the learning function) to register all the current VLAN
members on the selected port, and then enable port security to ensure that the port
will drop any incoming frames with a source MAC address that is unknown or has
been previously learned from another port.
port security
This command enables or configures port security. Use the no form without any
keywords to disable port security. Use the no form with the appropriate keyword to
restore the default settings for a response to security violation or for the maximum
number of allowed addresses.
Syntax
port security [action {shutdown | trap | trap-and-shutdown}
| max-mac-count address-count]
no port security [action | max-mac-count]
• action - Response to take when port security is violated.
- shutdown - Disable port only.
- trap - Issue SNMP trap message only.
- trap-and-shutdown - Issue SNMP trap message and disable port.
• max-mac-count
- address-count - The maximum number of MAC addresses that can be
learned on a port. (Range: 0 - 20)
Default Setting
Status: Disabled
Action: None
Maximum Addresses: 0
Command Mode
Interface Configuration (Ethernet)
Command Usage
• If you enable port security, the switch will stop dynamically learning new
addresses on the specified port. Only incoming traffic with source addresses
already stored in the dynamic or static address table will be accepted.
Table 4-30. Port Security Commands
Command
Function
Mode
Page
port security
Configures a secure port
IC
mac-address-table static
Maps a static address to a port in a VLAN
GC
show mac-address-table
Displays entries in the bridge-forwarding database
PE