How to configure MAC based port security on Dell N2000, N3000, and N4000 series switches.
Dell EMC Networking N-Series configuring MAC based port security on switches.
Résumé:Dell EMC Networking N-Series configuring MAC based port security on switches.
Cet article a peut-être été traduit automatiquement. Si vous avez des commentaires concernant sa qualité, veuillez nous en informer en utilisant le formulaire au bas de cette page.
Contenu de l’article
Instructions
Article Summary: This article shows how to configure MAC based port security on Dell N Series switches
Table of Contents
How to enable MAC based port security on the N Series Switch
How to statically add MAC address to an Interface
How to configure a maximum amount of allowed MAC addresses
How to configure the maximum limit of dynamically learned mac addresses on a specific interface
How to enable MAC based port security on the N series switch
Command
Parameters
console>enable
Enter enable Privilege Exec mode.
console#config
Enter configuration mode.
console(config)#switchport port-security
Enable port security globally on the switch.
console(config)#interface gi1/0/5
Enter specific interface that needs port security.
Note: When port security is enabled on an interface, all dynamic MAC addresses learned on that port are removed, and the port re-learns any MAC addresses on that interface.
How to statically add MAC addresses to an interface
Command
Parameters
console#config
Enter configuration mode.
console(config)# mac address-table static c2f3.220a.12f4 vlan 1 interface gi1/0/5
This adds the MAC address c2f3.220a.12f4 to the MAC table for interface gi1/0/5.
console(config)#no mac address-table static c2f3.220a.12f4 vlan 1 interface gi1/0/5
Add "no" to the beginning of the command to remove the MAC address.
How to configure a maximum amount of allowed Static MAC addresses
Command
Parameters
console#config
Enter configuration mode.
console(config)#interface gi1/0/5
Enter specific interface that needs port security.
console(config-if-Gi1/0/5)#switchport port-security maximum 3
Sets the max limit of static MAC addresses to 3. Range is <0-100> Default is 100.
Note: To clear dynamically learned MAC addresses from a port, you must perform the following example command. console#clear mac address-table dynamic interface gi1/0/5
Note: By default when port security violations occur, the port discards any frames on that interface originating from violating MAC addresses. The port is not shut down. If you are wanting the port to actually shut down you will need to add this command to the specific interfaces that require that feature: (config-if-Gi1/0/5)#switchport port-security violation shutdown :
How to configure the maximum limit of dynamically learned mac addresses on a specific interface
Command
Parameters
console#config
Enter configuration mode.
console(config)#interface gi1/0/5
Enter specific interface that needs port security.