beautypg.com

Configuring a secure mac address entry manually – H3C Technologies H3C S3600 Series Switches User Manual

Page 204

background image

1-14

z

If the amount of secure MAC address entries has not yet reach the maximum number, the port will

learn new MAC addresses and save them as secure MAC addresses.

z

If the amount of secure MAC address entries reaches the maximum number, the port will not be

able to learn new MAC addresses and the port mode will be changed from autoLearn to secure.

The manually configured secure MAC addresses are written to the configuration file; they will not get

lost no matter whether the port is up or down. As long as the configuration file is saved, the secure MAC

addresses can be restored after the switch restarts.

Configuring a secure MAC address entry manually

Before configuring a secure MAC address entry for a port manually, ensure that:

z

Port security is enabled.

z

The maximum number of secure MAC addresses allowed on the port is set.

z

The security mode of the port is set to autoLearn.

Follow these steps to configure a secure MAC address entry manually:

To do...

Use the command...

Remarks

Enter system view

system-view

In system
view

mac-address security mac-address
interface interface-type interface-number vlan
vlan-id

interface interface-type interface-number

Add a secure
MAC address
entry

In Ethernet
port view

mac-address security mac-address vlan
vlan-id

Either is
required.

By default, no
secure MAC
address entry is
configured.

Configuring an aging time for learned secure MAC address entries

By default, learned secure MAC addresses will never age out; they are deleted only when the port

security feature is disabled or the security mode is not autoLearn any more. However, the learned

secure MAC addresses are not deleted when the security mode turns to the secure mode from

autoLearn.

You can configure an aging time for secure MAC address entries. When the timer of an entry expires,

the entry is removed from the secure MAC address table.

Follow these steps to configure an aging time for learned secure MAC address entries:

To do...

Use the command...

Remarks

Enter system view

system-view

Enable port security

port-security enable

Configure the aging time for
learned secure MAC address
entries

port-security timer autolearn
age

Required

Aging of MAC address entries
is disabled by default.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: