22-18
Catalyst 2928 Switch Software Configuration Guide
OL-23389-01
Chapter 22 Configuring Port-Based Traffic Control
Configuring Port Security
To disable port security aging for all secure addresses on a port, use the
no switchport port-security
aging
time
interface configuration command. To disable aging for only statically configured secure
addresses, use the
no switchport port-security
aging
static
interface configuration command.
This example shows how to set the aging time as 2 hours for the secure addresses on a port:
Switch(config)#
interface gigabitethernet0/1
Switch(config-if)#
switchport port-security aging time 120
This example shows how to set the aging time as 2 minutes for the inactivity aging type with aging
enabled for the configured secure addresses on the interface:
Switch(config-if)#
switchport port-security aging time 2
Switch(config-if)#
switchport port-security aging type inactivity
Switch(config-if)#
switchport port-security aging static
You can verify the previous commands by entering the
show port-security interface
interface-id
privileged EXEC command.
Displaying Port-Based Traffic Control Settings
The
show interfaces
interface-id
switchport
privileged EXEC command displays (among other
characteristics) the interface traffic suppression and control configuration. The
show storm-control
and
show port-security
privileged EXEC commands display those storm control and port security settings.
To display traffic control information, use one or more of the privileged EXEC commands in
.
Table 22-4
Commands for Displaying Traffic Control Status and Configuration
Command
Purpose
show interfaces
[
interface-id
]
switchport
Displays the administrative and operational status of all switching
(nonrouting) ports or the specified port, including port blocking and
port protection settings.
show storm-control
[
interface-id
] [
broadcast
|
multicast
|
unicast
]
Displays storm control suppression levels set on all interfaces or the
specified interface for the specified traffic type or for broadcast traffic
if no traffic type is entered.
show port-security
[
interface
interface-id
]
Displays port security settings for the switch or for the specified
interface, including the maximum allowed number of secure MAC
addresses for each interface, the number of secure MAC addresses on
the interface, the number of security violations that have occurred, and
the violation mode.
show port-security
[
interface
interface-id
]
address
Displays all secure MAC addresses configured on all switch interfaces
or on a specified interface with aging information for each address.
show port-security interface
interface-id
vlan
Displays the number of secure MAC addresses configured per VLAN
on the specified interface.