4 port security – PLANET GS-4210-24P2S User Manual
Page 219
User’s Manual of GS-4210-24P2S
4.9.4 Port Security
This page allows you to configure the Port Security Limit Control system and port settings. Limit Control allows for limiting the
number of users on a given port. A user is identified by a MAC address and VLAN ID. If Limit Control is enabled on a port, the
es the maximum number of users on the port. If this number is exceed is taken. The action can be one
of four different as described below.
The Limit Control module is one of a range of modules that utilizes a lower-layer module, the Port Security module, which
manages MAC addresses, learned on the port.
The Limit Control configuration consists of two sections, a system- and a port-wid. The IP Source Guard Static Binding Entry
and Table Status screens in
Figure 4-9-29
&
Figure 4-9-30
appear.
Figure 4-9-29:
Port Security Setting Page Screenshot
The page includes the following fields:
Object
Description
Port
Select port for this drop down list.
Security
Enable or disable the port security.
Max L2 Entry
The maximum number of MAC addresses that can be secured on this port. If the
limit is exceeded, the corresponding action is taken.
The switch is "born" with a total number of MAC addresses from which all ports
draw whenever a new MAC address is seen on a Port Security-enabled port.
Since all ports draw from the same pool, it may happen that a configured
maximum cannot be granted, if the remaining ports have already used all
available MAC addresses.
Action
If Limit is reached, the switch can take one of the following actions:
Forward
: Do not allow more than Limit MAC addresses on the port, but take
no further action.
Discard
: If Limit + 1 MAC addresses is seen on the port, it will trigger the
action that do not learn the new MAC and drop the package.
Discard/SNMP/Log
: If Limit + 1 MAC addresses is seen on the port, it will
trigger the action that do not learn the new MAC and drop the package. Also
appears under SNMP and System log.
219