On an untagged interface, On a tagged interface – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 1028
994
Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring the MAC port security feature
On an untagged interface
To specify a secure MAC address on an untagged interface, enter commands such as the following.
TurboIron(config)#int e 11
TurboIron(config-if-e10000-11)#port security
TurboIron(config-port-security-e10000-11)#secure-mac-address 0000.0018.747C
Syntax: [no] secure-mac-address <mac-address>
On a tagged interface
When specifying a secure MAC address on a tagged interface, you must also specify the VLAN ID.
To do so, enter commands such as the following.
TurboIron(config)#int e 11
TurboIron(config-if-e10000-11)#port security
TurboIron(config-port-security-e10000-11)#secure-mac-address 0000.0018.747C 2
Syntax: [no] secure-mac-address <mac-address>
NOTE
If MAC port security is enabled on a port and you change the VLAN membership of the port, make
sure that you also change the VLAN ID specified in the secure-mac-address configuration statement
for the port.
When a secure MAC address is applied to a tagged port, the vlan-id is generated for both tagged
and untagged ports. When you display the configuration, you will see an entry for the secure MAC
addresses secure-mac-address <address>
following line.
secure-mac-address 0000.0011.2222 10
This line means that MAC address 0000.0011.2222 on VLAN 10 is a secure MAC address.
Autosaving secure MAC addresses to the
startup-config file
Learned MAC addresses can automatically be saved to the startup-config file at specified intervals.
For example, to automatically save learned secure MAC addresses every twenty minutes, enter the
following commands.
TurboIron(config)#port security
TurboIron(config-port-security)#autosave 20
Syntax: [no] autosave <minutes>
You can specify from 15 – 1440 minutes. By default, secure MAC addresses are not autosaved to
the startup-config file.