CLI Reference Port-based Flow Control Configuration Commands
Discard the packets breaching the security, send the
Trap message and disable the interface.
Interface configuration mode.
With port security, you can strictly control the input on a specific port by restricting
access to the MAC address and IP address (optional) of the port on the switch.
After you configure some secure addresses for the port security-enabled port,
only the packets from these addresses can be forwarded. In addition, you can
also restrict the maximum number of secure addresses on a port. If you set the
maximum value to 1 and configure one secure address for this port, the
workstation (whose address is the configured secure Mac address) connected to
this port will occupy all the bandwidth of this port exclusively.
This example shows how to enable port security on interface gigabitethernet 1/1,
and the way to deal with violation is shutdown:
Ruijie(config)#interface gigabitethernet 1/1
Ruijie(config-if)# switchport port-security
Ruijie(config-if)# switchport port-security violation shutdown
Show port security settings.
switchport port-security aging
Use this command to set the aging time for all secure addresses on a interface. To enable this function,
you need to set the maximum number of secure addresses. In this way, you can make the switch
automatically add or delete the secure addresses on the interface. Use the no form of the command to
apply the aging time on automatically learned address or to disable the aging.
switchport port-security aging {static | time time }
no switchport port-security aging {static | time }
Apply the aging time to both manually
configured secure addresses and
automatically learned addresses.
Otherwise, apply it to only the
automatically learned secure addresses.
To Next Page
Loading...
Need help?
General