59
Command Mode
Global Configuration Mode
Example
Add a filtering address entry of which VLAN ID is 1 and MAC address is
00:1e:4b:04:01:5d:
T1500-28PCT(config)# mac address-table filtering 00:1e:4b:04:01:5d vid 1
mac address-table max-mac-count
Description
The mac address-table max-mac-count command is used to configure the
Port Security. To return to the default configurations, please use no mac
address-table max-mac-count command. Port Security is to protect the switch
from the malicious MAC address attack by limiting the maximum number of the
MAC addresses that can be learned on the port. The port with Port Security
feature enabled will learned the MAC address dynamically. When the learned
MAC address number reaches the maximum, the port will stop learning.
Therefore, the other devices with the MAC address unlearned can not access to
the network via this port.
Syntax
mac address-table max-mac-count {[ max-number num ] [ mode { dynamic |
static | permanent }] [ status { disable | enable }]}
no mac address-table max-mac-count
Parameter
num —— The maximum number of MAC addresses that can be learned on the
port. It ranges from 0 to 64. By default this value is 64.
dynamic | static | permanent —— Learn mode for MAC addresses. There are
three modes, including Dynamic mode, Static mode and Permanent mode.
When Dynamic mode is selected, the learned MAC address will be deleted
automatically after the aging time. When Static mode is selected, the learned
MAC address will be out of the influence of the aging time and can only be
deleted manually. The learned entries will be cleared after the switch is rebooted.
When permanent mode is selected, the learned MAC address will be out of the
influence of the aging time and can only be deleted manually too. However, the
learned entries will be saved even the switch is rebooted.
status —— Enable or disable the Port Security function for a specified port. By
default, this function is disabled.