Operation Manual – Port Security-Port Binding
H3C S3600 Series Ethernet Switches-Release 1510 Chapter 1
Port Security Configuration
1-6
z If the amount of security MAC addresses has not yet reach the maximum number,
the port will learn new MAC addresses and turn them to security MAC addresses;
z If the amount of security MAC addresses reaches the maximum number, the port
will not be able to learn new MAC addresses and the port mode will be changed
from autolearn to secure.
Note:
The security MAC addresses manually configured are written to the configuration file;
they will not get lost when the port is up or down. As long as the configuration file is
saved, the security MAC addresses can be restored after the switch reboots.
Table 1-3 Configure a security MAC address
Operation Command Description
Enter system view
system-view
—
Enable port security
port-security enable
Required
Enter Ethernet port view
interface interface-type
interface-number
—
Set the maximum
number of security MAC
addresses allowed on
the port
port-security
max-mac-count
count-value
Required
By default, there is no
limit on the maximum
number of security MAC
addresses.
Set the port security
mode to autolearn
port-security port-mode
autolearn
Required
Add a security MAC
address
mac-address security
mac-address [ interface
interface-type
interface-number ] vlan
vlan-id
Required
You can execute this
command in system view
as well as Ethernet port
view. When using this
command in system view,
you should specify
interface interface-type
interface-number.
Note that:
1) If the port-security port-mode autolearn command is configured on a port, you
should not configure the following on the same port:
z Static and black-hole MAC addresses
z Voice VLAN feature
z 802.1x feature
To Next Page
Loading...
Need help?
General