5.
(Optional)
copy running-config startup-config
DETAILED STEPS
Purpose
Command or Action
Enters global configuration mode.
configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Enters interface configuration mode, where
slot
is the
interface that you want to configure with the maximum
number of MAC addresses.
Enter one of the following commands:
Step 2
•
interface ethernet slot
/
port
•
interface port-channel channel-number
Example:
switch(config)# interface ethernet 2/1
switch(config-if)#
Configures the maximum number of MAC addresses that
can be learned or statically configured for the current
[
no
]
switchport port-security maximum number
[
vlan
vlan-ID
]
Step 3
interface. The highest valid
number
is 1025. The
no
option
Example:
resets the maximum number of MAC addresses to the
default, which is 1.
switch(config-if)# switchport port-security maximum
425
If you want to specify the VLAN that the maximum applies
to, use the
vlan
keyword.
Displays the port security configuration.
(Optional)
show running-config port-security
Example:
Step 4
switch(config-if)# show running-config
port-security
Copies the running configuration to the startup
configuration.
(Optional)
copy running-config startup-config
Example:
Step 5
switch(config-if)# copy running-config
startup-config
Configuring an Address Aging Type and Time
You can configure the MAC address aging type and the length of time that the device uses to determine when
MAC addresses learned by the dynamic method have reached their age limit.
Absolute aging is the default aging type.
By default, the aging time is 0 minutes, which disables aging.
Before you begin
You must have enabled port security globally.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
320
Configuring Port Security
Configuring an Address Aging Type and Time