Port Security Mac Violation Limit - Dell PowerConnect B-RX Configuration Manual

Bigiron rx series configuration guide v02.7.02

Hide thumbs Also See for PowerConnect B-RX:

Configuration manual (1458 pages)

Getting started manual (32 pages)

Installation manual (240 pages)

Table of Contents

Re-enabling a port

Once a port is permanently shut down, an administrator must re-enable the port by entering the

following command.

BigIron RX(config)# int e 7/11

BigIron RX(config-if-e100-7/11)#enable

Syntax: enable

Port security MAC violation limit

You can specify how many packets the system can receive in a one-second interval from denied

MAC address before the system shuts the port down. To enable this new mode, enter a command

such as the following.

BigIron RX(config)#global-port-security

BigIron RX(config-port-security)#violation restrict 12

Syntax: violation restrict [#-denied-packets processed]

Enter 1 – 64000. There is no default.

With the introduction of this command, packets from denied MAC addresses are now processed in

software by the LP. They are no longer programmed in the hardware.

In addition to the new processing of packets from denied MAC addresses, these packets can now

be logged in the Syslog. And to prevent the Syslog from being overwhelmed with messages for

denied packets, you can specify how many messages will be logged per second, based on a

packet's IP address.

BigIron RX(config)#global-port-security

BigIron RX(config-port-security)#violation restrict 12

BigIron RX(config-port-security)#deny-log-rate <7>

Syntax: deny-log-rate [<#-logs>]

Enter 1 – 10. There is no default.

The logged message contains the packet's IP address and the MAC address of the denied packet.

For example, the following configuration shows that violation restrict is configured;

interface ethernet 14/1

port security

violation restrict 1000

secure-mac-address 0000.0022.2222 10

secure-mac-address 0000.0022.2223 10

secure-mac-address 0000.0022.2224 10

secure-mac-address 0000.0022.2225 10

secure-mac-address 0000.0022.2226 10

When packet from MAC address 000.0022.2227, an address that is not a secured MAC address,

the following Syslog message is generated.

SYSLOG: Mar 10 17:36:12:<12>3-RW-Core-3, Interface e14/1 shutdn due to high rate

of denied mac 0000.0022.2227, vlan 10

BigIron RX Series Configuration Guide

53-1001810-01

Configuring the MAC port security feature

Brocade dcx-4s Brocade dcx

Port Security Mac Violation Limit - Dell PowerConnect B-RX Configuration Manual

Port security MAC violation limit

Related Manuals for Dell PowerConnect B-RX

Related Content for Dell PowerConnect B-RX

This manual is also suitable for:

Table of Contents