![]() Switchport port-security mac-address command. Static MAC address: These are the secure MAC addresses that are manually configured using the.There are three types of secure MAC addresses that are used in port MAC security: This feature effectively removes inactive secure addresses. An age limit can be set globally for all secure addresses on a port. After this time period the port transitions automatically to the operational state. A recovery interval is configured in seconds. To avoid having to intervene manually every time a port-security violation forces an interface into the shutdown state, the user can enable autorecovery for port security violations. NoteIf a source MAC address is learned on one secured port, and if the same MAC address ingresses on another secured port, a MAC move is allowed and is not considered a violation. All logical interface operations on the physical port are disabled. Traffic in violation is silently dropped until the number of secure address configures drops below the maximum. The physical port is shut immediately and drops all traffic. ![]() Switch responses to security violations Response If a violation occurs, the switch responds according to one of three modes, as summarized in the following table. If the device reaches the maximum limit for the number of secure MAC addresses allowed on the interface and if the interface receives a packet with a source MAC address that is different from any of the secure learned addresses, it is considered a security violation. ![]() The secure MAC addresses can be specified statically or learned dynamically. The interface forwards only packets with source MAC addresses that match these secure addresses. ![]() Port MAC security (PMS) feature allows you to configure the device to learn a limited number of secure MAC addresses on an interface. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |