Static secure mac address (mac id), Security violations, Etherchannels – Rockwell Automation 1783-BMxxx Stratix 5700 Ethernet Managed Switches User Manual User Manual

Page 98

Advertising
background image

98

Rockwell Automation Publication 1783-UM004E-EN-P - June 2014

Chapter 3 Switch Software Features

Static Secure MAC Address (MAC ID)

The other method of limiting MAC IDs is to statically configure one or more
MAC IDs for a port by defining them via port security on the Device Manager
Web interface. These addresses become part of the saved configuration of the
switch. This method provides strong security. However, if you replace any devices
connected to the port, you must reconfigure the MAC IDs because the new
devices have different MAC IDs than the previous devices.

Security Violations

It is a security violation when one of these situations occurs:

The maximum number of secure MAC addresses that have been

configured for a port have been added to the address table, and a station
whose MAC address is not in the address table attempts to access the
interface.

An address learned or configured on one secure interface is seen on

another secure interface in the same VLAN.

When a violation occurs, the port goes into the Restrict mode. In this mode,
packets with unknown source addresses are dropped and you are notified that a
security violation has occurred. An SNMP trap is sent, a syslog message is logged,
and the violation counter increments.

EtherChannels

An EtherChannel (or port group) is a group of two or more Fast Ethernet or
Gigabit Ethernet switch ports bundled into a single logical link, creating a higher
bandwidth link between two switches.

The switch supports up to six EtherChannels. Each EtherChannel can consist of
up to eight compatible, configured ethernet ports. EtherChannels do not apply
to switches with lite firmware.

The following figure shows two EtherChannels. Two full-duplex 10/100/1000-
Mbps ports on Switches A and C create an EtherChannel with a bandwidth of up
to 4 Gbps between both switches. Similarly, two full-duplex 10/100 ports on
Switches B and D create an EtherChannel with a bandwidth of up to 400 Mbps
between both switches.

If one of the ports in the EtherChannel becomes unavailable, traffic is sent
through the remaining ports within the EtherChannel.

Advertising
Popular Brands
Popular manuals