Specifying secure mac addresses, On an untagged interface, On a tagged interface – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 225

Advertising
background image

Brocade ICX 6650 Security Configuration Guide

205

53-1002601-01

MAC port security configuration

Specifying secure MAC addresses

You can configure secure MAC addresses on tagged and untagged interfaces.

On an untagged interface

To specify a secure MAC address on an untagged interface, enter commands such as the following.

Brocade(config)# interface ethernet 1/1/7
Brocade(config-if-e10000-1/1/7)# port security
Brocade(config-port-security-e10000-1/1/7)# secure-mac-address 0000.0018.747C

Syntax: [no] secure-mac-address mac-address

On a tagged interface

When specifying a secure MAC address on a tagged interface, you must also specify the VLAN ID.
To do so, enter commands such as the following.

Brocade(config)# interface ethernet 1/1/7
Brocade(config-if-e10000-1/1/7)# port security
Brocade(config-port-security-e10000-1/1/7)# secure-mac-address 0000.0018.747C 2

Syntax: [no] secure-mac-address mac-address vlan-ID

NOTE

If MAC port security is enabled on a port and you change the VLAN membership of the port, make
sure that you also change the VLAN ID specified in the secure-mac-address configuration statement
for the port.

When a secure MAC address is applied to a tagged port, the VLAN ID is generated for both tagged
and untagged ports. When you display the configuration, you will see an entry for the secure MAC
addresses. For example, you might see an entry similar to the following line.

secure-mac-address 0000.0011.2222 10

This line means that MAC address 0000.0011.2222 on VLAN 10 is a secure MAC address.

Autosaving secure MAC addresses to the
startup configuration

Learned MAC addresses can automatically be saved to the startup configuration at specified
intervals. The autosave feature saves learned MAC addresses by copying the running configuration
to the startup configuration.

For example, to automatically save learned secure MAC addresses every 20 minutes, enter the
following commands.

Brocade(config)# port security
Brocade(config-port-security)# autosave 20

Syntax: [no] autosave minutes

Advertising
Popular Brands
Popular manuals