100
Chapter 20 Address Commands
Address configuration can improve the network security by configuring the Port Security and
maintaining the address information by managing the Address Table.
bridge address port-security
Description
The bridge address port-security command is used to configure port security.
To return to the default configuration, please use no bridge address
port-security command. Port Security is to protect the switch from the
malicious MAC address attack by limiting the maximum number of the MAC
addresses that can be learned on the port. The port with Port Security feature
enabled will learned the MAC address dynamically. When the learned MAC
address number reaches the maximum, the port will stop learning. Therefore,
the other devices with the MAC address unlearned can not access to the
network via this port.
Syntax
bridge address port-security [max-number {num}] [ mode {dynamic | static |
permanent} ] [ status {disable | enable} ]
no bridge address port-security
Parameter
num —— The maximum number of MAC addresses that can be learned on the
port. It ranges from 0 to 1024. By default this value is 1024.
mode —— Learn mode for MAC addresses. There are three modes, including
Dynamic mode, Static mode and Permanent mode. When Dynamic mode is
selected, the learned MAC address will be deleted automatically after the aging
time. When Static mode is selected, the learned MAC address will be out of the
influence of the aging time and can only be deleted manually. The learned
entries will be cleared after the switch is rebooted. When permanent mode is
selected, the learned MAC address will be out of the influence of the aging time
and can only be deleted manually too. However, the learned entries will be
saved even the switch is rebooted.
status —— Enable or disable the Port Security function for a specified port. By
default, this function is disabled.