Filter
Top Products
xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual
26
6
PORT SECURITY COMMANDS
The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the
following table.
Command Parameters
config port_security ports [<portlist> | all] {admin_state [enable| disable] |
max_learning_addr <max_lock_no 0-16> |
lock_address_mode [Permanent | DeleteOnTimeout |
DeleteOnReset]}
delete port_security_entry vlan_name <vlan_name 32> port <port> mac_address <macaddr>
clear port_security_entry port <portlist>
show port_security {ports <portlist>}
Each command is listed, in detail, in the following sections.
config port_security ports
Purpose
Used to configure port security settings.
Syntax config port_security ports [<portlist> | all] {admin_state [enable|
disable] | max_learning_addr <max_lock_no 0-16> |
lock_address_mode [Permanent | DeleteOnTimeout |
DeleteOnReset]}
Description
This command allows for the configuration of the port security feature.
Only the ports listed in the <portlist> are affected.
Parameters
portlist − Specifies a port or range of ports to be configured. The port list
is specified by listing the lowest switch number and the beginning port
number on that switch, separated by a colon. Then the highest switch
number, and the highest port number of the range (also separated by a
colon) are specified. The beginning and end of the port list range are
separated by a dash. For example, 1:3 specifies switch number 1, port 3.
2:4 specifies switch number 2, port 4. 1:3-2:4 specifies all of the ports
between switch 1, port 3 and switch 2, port 4 − in numerical order. Non-
contiguous portlist entries are separated by a comma. (ex: 1:1-1:3,1:7-1:9)
all − Configure port security for all ports on the Switch.
admin_state [enable | disable] – Enable or disable port security for the
listed ports.
max_learning_addr <max_lock_no 0-16> - Use this to limit the number of
MAC addresses dynamically listed in the FDB for the ports.
lock_address_mode [Permanent | DeleteOnTimout | DeleteOnReset] –
Indicates the method of locking addresses. The user has three choices:
! Permanent – The locked addresses will not age out after the
aging timer expires.
! DeleteOnTimeout – The locked addresses will age out after the
aging timer expires.
! DeleteOnReset – The locked addresses will not age out until the
Switch has been reset.
Restrictions
Only administrator-level users can issue this command.
Example usage:
To configure the port security: