Cisco 3845 - Security Bundle Router Software Manual page 381
Software configuration guide
Hide thumbs
Also See for 3845 - Security Bundle Router:
- Manual (94 pages) ,
- Quick start manual (38 pages) ,
- Hardware installation manual (418 pages)
Table of Contents
Advertisement
Chapter 19
Configuring Traffic Control
Command
Step 12
mac security aging {static | sticky |
time aging-time [inactivity]
Step 13
mac security sticky [address
mac-address]
Step 14
end
Step 15
show ethernet service instance
number interface interface-id mac
security [address | last violation |
statistics}
Step 16
copy running-config
startup-config
Use the no form of the commands to remove the configuration and return to the default configuration.
This example shows how to enable mac security on a service instance, permit the specified MAC address,
and to set the maximum number of secure addresses to 50. MAC security aging time is 750 minutes. The
violation mode is the default (errdisable) and sticky learning is enabled.
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport mode allowed VLAN none
Switch (config-if)# service instance 2 Ethernet
Switch (config-if-srv)# encapsulation dot1q
Switch (config-if-srv)# bridge-domain 2
Switch (config-if-srv)# mac security
Switch (config-if-srv)# mac security permit mac-address 0000.0000.0003
Switch (config-if-srv)# mac security maximum addresses 50
Switch (config-if-srv)# mac security aging time 750
Switch (config-if-srv)# mac security sticky
Switch (config-if-srv)# end
You can verify the previous commands by entering the show ethernet service instance number
interface interface-id mac security privileged EXEC command.
OL-23400-01
Purpose
(Optional) Configure MAC security aging characteristics for the service
instance.
•
static—Specify that the configured aging time applies to permitted MAC
addresses. By default, this only affects dynamically learned addresses.
sticky—Specify that the aging time also applies to dynamically learned
•
sticky addresses.
time aging-time—Configure the aging time of addresses in the MAC
•
table in minutes. The range is 1 to 1440 minutes.
(Optional) inactivity—Specify that the aging time is based on inactivity
•
in sending hosts and not on an absolute time, calculated from the last
frame sent and not the first frame.
(Optional) Enable the sticky feature on a service instance. This means that
MAC addresses that are learned dynamically on the EFP are kept persistent
across line transitions and device reloads.
•
(Optional) address mac-address—Adds the specified MAC address as a
sticky address for the EFP. You must enable the sticky feature before you
can configure a sticky MAC address.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Cisco ME 3800X and 3600X Switch Software Configuration Guide
Configuring EVC MAC Security
19-11
- Quick Links:
- Vlan Features
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
