xStack DES-6500 Modular Layer 3 Chassis Ethernet Switch CLI Manual
6
P
ORT
S
ECURITY
C
OMMANDS
The port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the
following table.
Command Parameters
config port_security ports
[<portlist> | all] {admin_state [enabled | disabled] |
max_learning_addr <max_lock_no 0-64> |
lock_address_mode [Permanent | DeleteOnTimeout |
DeleteOnReset]}
show port_security
{ports <portlist>}
delete
port_security_entry_vlan_name
<vlan_name 32> port <port> mac_address <macaddr>
Each command is listed, in detail, in the following sections.
config port_security ports
Purpose
Used to configure port security settings.
Syntax
[<portlist> | all] {admin_state [enabled | disabled] |
max_learning_addr <max_lock_no 0-64> |
lock_address_mode [Permanent | DeleteOnTimeout |
DeleteOnReset]}
Description
This command allows for the configuration of the port security
feature. Only the ports listed in the
<portlist>
are effected.
Parameters
<portlist>
−
Specifies a range of ports to be displayed. The port
list is specified by listing the lowest slot number and the beginning
port number on that slot, separated by a colon. Then the highest
slot number, and the highest port number of the range (also
separated by a colon) are specified. The beginning and end of the
port list range are separated by a dash. For example, 1:3 specifies
slot number 1, port 3. 2:4 specifies slot number 2, port 4. 1:3-2:4
specifies all of the ports between slot 1, port 3 and slot 2, port 4
−
in numerical order.
all
−
Configure port security for all ports on the Switch.
admin_state [enabled | disabled]
– Enable or disable port security
for the listed ports.
max_learning_addr <max_lock_no 0-64>
- Use this to limit the
number of MAC addresses dynamically listed in the FDB for the
ports.
lock_address_mode [Permanent | DeleteOnTimeout |
DeleteOnReset]
– Indicates the method of locking addresses. The
user has three choices:
Permanent
– The locked addresses will not age out after
the aging timer expires.
DeleteOnTimeout
– The locked addresses will age out
after the aging timer expires.
DeleteOnReset
– The locked addresses will not age out
until the Switch has been reset.
Restrictions Only
administrator-level users can issue this command.
28