Falcon R-Class | User Guide
109
Port
The port number to which the configuration below applies. Click the port
number to see the status for this port.
Refer to next page.
Users
Each of the user modules has a column that shows whether that module has
enabled Port Security or not. A '-' means that the corresponding user
module is not enabled, whereas a letter indicates that the user module
abbreviated by that letter (see Abbr above) has enabled port security.
Violation Mode
Shows the configured Violation Mode of the port. It can take one of four
values:
•
Disabled
: Port Security is not administratively enabled on this port.
•
Protect
: Port Security is administratively enabled in Protect mode.
•
Restrict
: Port Security is administratively enabled in Restrict mode.
•
Shutdown
: Port Security is administratively enabled in Shutdown mode.
State
Shows the current state of the port. It can take one of four values:
•
Disabled
: No user modules are currently using the Port Security service.
•
Ready
: The Port Security service is in use by at least one user module
and is awaiting the arrival of frames from unknown MAC addresses.
•
Limit Reached
: The Port Security service is enabled by at least the Limit
Control user module, and that module has indicated that the limit is
reached, and no more MAC addresses should be taken in.
•
Shutdown
: The Port Security service is enabled by at least the Limit
Control user module, and that module has indicated that the limit is
exceeded. No MAC addresses can be learned on the port until it is
administratively re-opened on the Limit Control configuration Webpage.
Mac Count
(Current,
Violating Limit)
The three columns indicate the number of currently learned MAC addresses
(forwarding as well as blocked), the number of violating MAC address (only
counting in Restrict mode) and the maximum number of MAC addresses
that can be learned on the port, respectively.
If no user modules are enabled on the port, the Current column will show a
dash (-).
If Port Security is not administratively enabled on the port, the Violating and
Limit columns will show a dash (-).
4.8.2.3
Port Security Port Status
This section shows the MAC addresses secured by the Port Security module. Port Security is a module
with no direct configuration. Configuration comes indirectly from other modules - the user modules.
When a user module has enabled port security on a port, the port is set-up for software-based
learning. In this mode, frames from unknown MAC addresses are passed on to the port security
module, which in turn asks all user modules whether to allow this new MAC address to forward or
block it. For a MAC address to be set in the forwarding state, all enabled user modules must
unanimously agree on allowing the MAC address to forward. If only one chooses to block it, it will be
blocked until that user module decides otherwise.
Notice that if you have added static or sticky MAC addresses, they will show up on this page only if
Port Security is enabled on the interface to which they pertain.