beautypg.com

Secure mac movement, Mac port security configuration, Enabling the mac port security feature – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 219: Interface

background image

Secure MAC movement

If you move a connected device that has MAC address configured as secure on one port to another
port, the FastIron device connects through the new port without waiting for the MAC address to age out
on the previous port. This MAC movement feature is supported when the connected device moves from
a secure port to another secure or non-secure port.

MAC movement feature is not supported in the following cases:

• MAC address is permanently secured to a port with age 0 command.
• MAC address causes a MAC security violation on the previous port.

MAC port security configuration

To configure the MAC port security feature, perform the following tasks:

• Enable the MAC port security feature
• Set the maximum number of secure MAC addresses for an interface
• Set the port security age timer
• Specify secure MAC addresses
• Configure the device to automatically save secure MAC addresses to the startup-config file
• Specify the action taken when a security violation occurs

Enabling the MAC port security feature

By default, the MAC port security feature is disabled on all interfaces. You can enable or disable the
feature on all interfaces at once, or on individual interfaces.

To enable the feature on all interfaces at once, enter the following commands.

device(config)#port security

device(config-port-security)#enable

To disable the feature on all interfaces at once, enter the following commands.

device(config)#port security

device(config-port-security)#no enable

To enable the feature on a specific interface, enter the following commands.

device(config)#interface ethernet 7/11

device(config-if-e1000-7/11)#port security

device(config-port-security-e1000-7/11)#enable

Syntax: port security

Syntax: no enable

Setting the maximum number of secure MAC addresses for an interface

When MAC port security is enabled, an interface can store one secure MAC address. You can increase
the number of MAC addresses that can be stored to a maximum of 64, plus the total number of global
resources available.

Secure MAC movement

FastIron Ethernet Switch Security Configuration Guide

219

53-1003088-03

See also other documents in the category Brocade Computer Accessories: