Configuring the maximum mac addresses per port, Configuring a mac-based vlan for a static host, Disabling the aging on interfaces – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 239

Advertising
background image

Brocade ICX 6650 Security Configuration Guide

219

53-1002601-01

MAC-based VLAN configuration

Disabling the aging on interfaces

To disable aging on a specific interface where MAC-based VLAN has been enabled, enter the
command at the interface level.

Brocade(config)# interface ethernet 1/3/1
Brocade(config-if-e10000-1/3/1)# mac-authentication disable-aging

Syntax: [no] mac-authentication disable-aging

Configuring the maximum MAC addresses per port

To configure the maximum number of MAC addresses allowed per port, use the following
commands:

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# mac-authentication mac-vlan max-mac-entries 24

NOTE

32 MAC addresses maximum are allowed per port. This total includes both static and dynamic hosts.
The default number of allowed MACs is 2. Even though the feature supports up tp a maximum of 32
MAC address per physical port, the configuration of the maximum number of MAC addresses per
port is limited by the available hardware resources.

NOTE

To change the maximum MAC addresses per port, you must first disable MAC-based VLAN on that
port.

Configuring a MAC-based VLAN for a static host

Follow the steps given below to configure a MAC-based VLAN for a static host.

1. Enable multi-device port authentication globally using the following command.

Brocade(config)# mac-authentication enable

2. Add each port on which you want MAC-based VLAN enabled as mac-vlan-permit for a specific

VLAN.

Brocade(config)# vlan 10 by port
Brocade(config-vlan-10)# mac-vlan-permit ethernet 1/1/1 to 1/1/6
added mac-vlan-permit ports ethe 1/1/1 to 1/1/6 to port-vlan 10.

3. Add the static MAC-based VLAN configuration on the port.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# mac-authentication mac-vlan 0000.0010.0011
vlan 10 priority 5

4. To enable MAC-based VLAN on the port.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# mac-authentication mac-vlan enable

5. To disable MAC-based VLAN on the port.

Brocade(config)# interface ethernet 1/1/1
Brocade(config-if-e10000-1/1/1)# mac-auth mac-vlan disable

Advertising
Popular Brands
Popular manuals