38-8
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 38 Configuring Port Security
Configuring Port Security on the Switch
Setting the Port Security Aging Type
Note The set port security mod/port timer-type {absolute | inactivity} command is supported on the
Supervisor Engine 720 and Supervisor Engine 32 only.
In software release 8.2(1) and later releases, you can set the type of aging to be applied to the addresses
that were learned dynamically on a per-port basis. The two types of aging are as follows:
• Absolute aging—Times out the MAC address after the age_time has been exceeded, regardless of
the traffic pattern. This is the default for any secured port, and the age_time is set to 0.
• Inactivity aging—Times out the MAC address only after the age_time of inactivity from the
corresponding host has been exceeded.
To set the port-security aging type for the dynamically learned addresses on a per-port basis, perform
this task in privileged mode:
This example shows how to set the different port-security aging types on port 5/1:
Console> (enable) set port security 5/1 timer-type absolute
Port 5/1 security timer type absolute.
Console> (enable) set port security 5/1 timer-type inactivity
Port 5/1 security timer type inactive.
Console> (enable)
Clearing the MAC Addresses
Enter the clear port security command to clear the MAC addresses from a list of secure addresses on a
port.
Note If you enter the clear command on a MAC address that is in use, that MAC address may be learned and
made secure again. We recommend that you disable port security before you clear the MAC addresses.
Task Command
Set the port-security aging type for the addresses
learned dynamically on a per-port basis.
set port security mod/port timer-type {absolute
| inactivity}
To Next Page
Loading...
Need help?
General