Address Table Commands 103
port security
The port security Interface Configuration mode command locks the port. By locking the port, new
addresses are not learned on the port. To enable new address learning, use the no form of the port
security command.
Syntax
•
port security
[
forward
|
discard |
discard-shutdown
] [
trap
seconds
]
• no port security
•
forward
— Forwards frames with unlearned source addresses, but does not learn the address.
•
discard
— Discards frames with unlearned source addresses. This is the default if no option is
indicated.
•
discard-shutdown
— Discards frames with unlearned source addresses. The port is also shut down.
•
trap
Seconds
— Sends SNMP traps and defines the minimal amount of time in seconds between
two consecutive traps. (Range: 1 - 1,000,000)
Default Configuration
Disabled — No port security.
Command Mode
Interface Configuration (Ethernet, port-channel) mode.
User Guidelines
• There are no user guidelines for this command.
Example
In this example, frame forwarding is enabled without learning, and with traps sent every 100 seconds on
port g1.
port security mode
The port security mode Interface Configuration (Ethernet, port-channel) mode command configures
the port security learning mode. Use the no form of this command to restore the default configuration.
Console (config)# interface ethernet g1
Console (config-if)# port security forward trap 100
Console (config-if)# port security discard trap 100
Console (config-if)# port security discard-shutdown trap 100
5400_CLI.book Page 103 Wednesday, December 17, 2008 4:33 PM
To Next Page
Loading...
