Filter
Top Products
Brocade ICX 6650 Security Configuration Guide 205
53-1002601-01
MAC port security configuration
Specifying secure MAC addresses
You can configure secure MAC addresses on tagged and untagged interfaces.
On an untagged interface
To specify a secure MAC address on an untagged interface, enter commands such as the following.
Brocade(config)# interface ethernet 1/1/7
Brocade(config-if-e10000-1/1/7)# port security
Brocade(config-port-security-e10000-1/1/7)# secure-mac-address 0000.0018.747C
Syntax: [no] secure-mac-address mac-address
On a tagged interface
When specifying a secure MAC address on a tagged interface, you must also specify the VLAN ID.
To do so, enter commands such as the following.
Brocade(config)# interface ethernet 1/1/7
Brocade(config-if-e10000-1/1/7)# port security
Brocade(config-port-security-e10000-1/1/7)# secure-mac-address 0000.0018.747C 2
Syntax: [no] secure-mac-address mac-address vlan-ID
NOTE
If MAC port security is enabled on a port and you change the VLAN membership of the port, make
sure that you also change the VLAN ID specified in the secure-mac-address configuration statement
for the port.
When a secure MAC address is applied to a tagged port, the VLAN ID is generated for both tagged
and untagged ports. When you display the configuration, you will see an entry for the secure MAC
addresses. For example, you might see an entry similar to the following line.
secure-mac-address 0000.0011.2222 10
This line means that MAC address 0000.0011.2222 on VLAN 10 is a secure MAC address.
Autosaving secure MAC addresses to the
startup configuration
Learned MAC addresses can automatically be saved to the startup configuration at specified
intervals. The autosave feature saves learned MAC addresses by copying the running configuration
to the startup configuration.
For example, to automatically save learned secure MAC addresses every 20 minutes, enter the
following commands.
Brocade(config)# port security
Brocade(config-port-security)# autosave 20
Syntax: [no] autosave minutes