EasyManua.ls Logo

Cisco Nexus 9000 Series - Static Method; Dynamic Method; Sticky Method

Cisco Nexus 9000 Series
562 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
of MAC addresses by the static or dynamic methods. The way that the device stores secure MAC addresses
varies depending upon how the device learned the secure MAC address.
Static Method
The static learning method allows you to manually add or remove secure MAC addresses to the running
configuration of an interface. If you copy the running configuration to the startup configuration, static secure
MAC addresses are unaffected if the device restarts.
A static secure MAC address entry remains in the configuration of an interface until one of the following
events occurs:
You explicitly remove the address from the configuration.
You configure the interface to act as a Layer 3 interface.
Adding secure addresses by the static method is not affected by whether dynamic address learning is enabled.
Dynamic Method
By default, when you enable port security on an interface, you enable the dynamic learning method. With this
method, the device secures MAC addresses as ingress traffic passes through the interface. If the address is
not yet secured and the device has not reached any applicable maximum, it secures the address and allows
the traffic.
The device stores dynamic secure MAC addresses in memory. A dynamic secure MAC address entry remains
in the configuration of an interface until one of the following events occurs:
The device restarts
The interface restarts
The address reaches the age limit that you configured for the interface
You explicitly remove the address
You configure the interface to act as a Layer 3 interface
Sticky Method
If you enable the sticky method, the device secures MAC addresses in the same manner as dynamic address
learning, but the device stores addresses learned by this method in nonvolatile RAM (NVRAM). As a result,
addresses learned by the sticky method persist through a device restart. Sticky secure MAC addresses do not
appear in the running configuration of an interface.
Dynamic and sticky address learning are mutually exclusive. When you enable sticky learning on an interface,
the device stops dynamic learning and performs sticky learning instead. If you disable sticky learning, the
device resumes dynamic learning.
A sticky secure MAC address entry remains in the configuration of an interface until one of the following
events occurs:
You explicitly remove the address
You configure the interface to act as a Layer 3 interface
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
304
Configuring Port Security
Static Method

Table of Contents

Other manuals for Cisco Nexus 9000 Series

Preview: Manual
Manual30 pages
Preview: Troubleshooting Guide
Troubleshooting Guide126 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Quick Start Configuration Guide
Quick Start Configuration Guide6 pages
Preview: Installation
Installation12 pages
Preview: Installing
Installing8 pages

Related product manuals