To Next Page

To Previous Page

Configuring MAC Locking show maclock

24-2 Security Configuration

•FlowSetupThrottling(FST)—preventstheeffectsofDoSattacksbylimitingthenumberof

neworestablishedflowsthatcanbeprogrammedonanyindividualswitchport.Fordetails,

referto“ConfiguringFlowSetupThrottling(FST)”onpage 24‐25.

Configuring MAC Locking

Purpose

Toreview,disable,enableandconfigureMAClocking.ThislocksaMACaddresstooneormore

ports,preventingconnectionofunauthorizeddevicesviatheport(s).WhensourceMAC

addressesarereceivedonspecifiedports,theswitchdiscardsallsubsequentframesnot

containingtheconfiguredsourceaddresses.Theonlyframesforwarded

ona“locked”portare

thosewiththe“locked”MACaddress(es)forthatport.

Commands

show maclock

UsethiscommandtodisplaythestatusofMAClockingononeormoreports.

Syntax

show maclock [port_string]

Note: Matrix DFE-Gold Series modules allow for up to 32 MAC addresses to be locked per port.

For information about... Refer to page...

show maclock 24-2

show maclock stations 24-4

set maclock enable 24-5

set maclock disable 24-5

set maclock 24-6

set maclock firstarrival 24-7

set maclock move 24-7

clear maclock firstarrival 24-8

set maclock static 24-8

clear maclock static 24-9

set maclock trap 24-9

clear maclock 24-10

Enterasys Matrix DFE-Gold Series User Manual

Questions and Answers: