SH-E514TR1 10 Gigabit Ethernet SmartPro Switch User Manual
57
Restrict -
Drop all packets from the insecure hosts at the port-security process level and increments the
security-violation count and record the system log.
Shutdown -
Shut down the port if there is a security violation and record the system log.
Security Mode:
Select the security mode option here. Options to choose from are
Permanent
and
Delete-on-
Timeout
.
Permanent -
All learned MAC addresses will not be purged out unless the user manually deletes those entries.
Delete-on-Timeout -
All learned MAC addresses will be purged out when an entry is aged out or when the
user manually deletes these entries.
Aging Time:
Enter the aging time value used for auto-learned dynamic secured addresses on the specified port here.
This value must be between 0 and 1440 minutes.
Aging Type:
Select the aging type here. Options to choose from are
Absolute
and
Inactivity
.
Absolute -
All the secure addresses on this port age out exactly after the time specified and is removed from
the secure address list. This is the default type.
Inactivity -
The secure addresses on this port age out only if there is no data traffic from the secure source
address for the specified time period.
Click
Apply
to accept the changes made.
Port Security Address Entries
This window is used to view, clear and configure the port security address entries.
Figure 12-3 Port Security Address Entries
The fields that can be configured are described below:
Port:
Select the port used for the configuration here.
MAC Address:
Enter the MAC address here. Tick
Permanent
so that all learned MAC address will not be purged out
unless the user manually deletes those entries.
VID:
Enter the VLAN ID here. This value must be between 1 and 4094.
Click
Add
to add a new entry based on the information entered.
Click
Delete
to remove a new entry based on the information entered.
Click
Clear by Port
to clear the information based on the port selected.
Click
Clear by MAC
to clear the information based on the MAC address entered.
Click
Clear All
to clear all the information in this table.
Enter a page number and click
Go
to navigate to a specific page when multiple pages exist.
Traffic Segmentation Settings
This window is used to view and configure the traffic segmentation settings. When the traffic segmentation forwarding
domain is specified, packets received by the port will be restricted in Layer 2 packet forwarding to interfaces within the
domain. When the forwarding domain of a port is empty, Layer 2 forwarding for packets received by the port is not
restricted.
The traffic segmentation member list can be comprised of different interface types, for example port and port-channel
in the same forwarding domain. If the interfaces specified by the command include a port-channel, all the member
ports of this port-channel will be included in the forwarding domain.