Brocade BigIron RX Series Configuration Guide User Manual
Page 30
xxx
BigIron RX Series Configuration Guide
53-1002484-04
Configuring the MAC Port Security feature . . . . . . . . . . . . . . . . . 1030
Enabling the MAC Port Security feature . . . . . . . . . . . . . . . . 1030
Setting the maximum number of secure MAC addresses for
an interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1031
Specifying static secure MAC addresses . . . . . . . . . . . . . . . 1032
Enabling dynamic MAC address learning. . . . . . . . . . . . . . . 1032
Denying specific MAC addresses . . . . . . . . . . . . . . . . . . . . . 1032
Autosaving secure MAC addresses to the startup-config . . 1033
Setting the MAC Port Security age timer . . . . . . . . . . . . . . . 1033
Defining security violation actions . . . . . . . . . . . . . . . . . . . . . . . . 1034
Shutdown the interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1034
Restricting interface access . . . . . . . . . . . . . . . . . . . . . . . . . 1034
Denying a MAC address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1036
Understanding the rules for violation action configuration . . . . .1037
Interaction between global and interface level violation
actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1037
Changing the global violation action . . . . . . . . . . . . . . . . . . .1037
Changing the violation action for an interface. . . . . . . . . . . 1038
Re-enabling an interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1038
Interface shutdown time . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1038
Manually re-enabling a interface . . . . . . . . . . . . . . . . . . . . . 1038
Displaying MAC Port Security information . . . . . . . . . . . . . . . . . . 1039
Displaying MAC Port Security settings . . . . . . . . . . . . . . . . . 1039
Displaying the secure MAC addresses list on the device . . 1040
Displaying MAC Port Security statistics . . . . . . . . . . . . . . . . 1040
Displaying a list of MAC addresses. . . . . . . . . . . . . . . . . . . . .1041
Displaying a list of secure and denied MAC addresses. . . . .1041
Displaying information when violation action is restrict . . . 1042
Displaying information when violation action is deny . . . . . 1043
Transparent port flooding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1043
Configuring 802.1x Port Security
Overview of 802.1x port security . . . . . . . . . . . . . . . . . . . . . . . . . 1045
IETF RFC support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045
How 802.1x port security works. . . . . . . . . . . . . . . . . . . . . . . . . . 1045
Device roles in an 802.1x configuration . . . . . . . . . . . . . . . 1046
Communication between the devices . . . . . . . . . . . . . . . . . .1047
Controlled and uncontrolled ports . . . . . . . . . . . . . . . . . . . . 1048
Message exchange during authentication . . . . . . . . . . . . . . 1049
Authenticating multiple clients connected to the same
port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1050
802.1x port security and sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . 1052