beautypg.com

Globally enabling mac port security, Enabling mac port security on an interface – Brocade BigIron RX Series Configuration Guide User Manual

Page 1109

background image

BigIron RX Series Configuration Guide

1031

53-1002484-04

Configuring the MAC Port Security feature

33

Globally enabling MAC Port Security

To enable the feature globally.

BigIron RX(config)# global-port security

BigIron RX(config-port-security)# enable

To disable the feature on all interfaces at once.

BigIron RX(config)# global-port security

BigIron RX(config-port-security)# no enable

Syntax: [no] global-port security

Syntax: [no] enable

Enabling MAC Port Security on an interface

To enable the feature on a specific interface.

BigIron RX(config)# interface ethernet 7/11

BigIron RX(config-if-e100-7/11)# port security

BigIron RX(config-port-security-e100-7/11)# enable

Syntax: port-security

Syntax: [no] enable

NOTE

Unless indicated in the sections below, MAC Port Security commands can be used to configure MAC
Port Security on the interface or global level. The examples presented below configure the
commands on an interface.

Setting the maximum number of secure MAC addresses for
an interface

When MAC Port Security feature is enabled, an interface can store one secure MAC address by
default. You can increase the number of MAC addresses that can be secured up to a maximum of
64, plus the total number of global resources available.

For example, to configure interface 7/11 to have a maximum of 10 secure MAC addresses.

BigIron RX(config)# interface ethernet 7/11

BigIron RX(config-if-e100-7/11)# port security

BigIron RX(config-if-e100-7/11)# maximum 10

Syntax: maximum <number-of-addresses>

Enter 0 - 64 for the <number-of-addresses> parameter for the interface; however, you can enter up
up to 4160 (64 + 4096). The maximum number of global resources is 4096, which are shared
among all the interfaces. One interface can use all of them or can use few and the remaining can
be use by other interfaces.

The default is 1. Setting the parameter to 0 prevents any MAC addresses from being learned.

See also other documents in the category Brocade Computer Accessories: