Displaying Port-Based Traffic Control Settings - Cisco 3032 Software Configuration Manual

Chapter 26 Configuring Port-Based Traffic Control
This example shows how to configure port security on a PVLAN host and promiscuous ports
Switch(config)# interface gigabitethernet 1/0/8
Switch(config-if)# switchport private-vlan mapping 2061 2201-2206,3101
Switch(config-if)# switchport mode private-vlan promiscuous
Switch(config-if)# switchport port-security maximum 288
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security violation restrict
Ports that have both port security and private VLANs configured can be labeled secure PVLAN ports.
Note
When a secure address is learned on a secure PVLAN port, the same secure address cannot be learned
on another secure PVLAN port belonging to the same primary VLAN. However, an address learned on
unsecure PVLAN port can be learned on a secure PVLAN port belonging to same primary VLAN.
Secure addresses that are learned on host port get automatically replicated on associated primary
VLANs, and similarly, secure addresses learned on promiscuous ports automatically get replicated on
all associated secondary VLANs. Static addresses (using mac-address-table static command) cannot be
user configured on a secure port.

Displaying Port-Based Traffic Control Settings

The show interfaces interface-id switchport privileged EXEC command displays (among other
characteristics) the interface traffic suppression and control configuration. The show storm-control and
show port-security privileged EXEC commands display those storm control and port security settings.
To display traffic control information, use one or more of the privileged EXEC commands in
Table 26-4 Commands for Displaying Traffic Control Status and Configuration
Command
show interfaces [interface-id] switchport
show storm-control [interface-id] [broadcast |
multicast | unicast]
show port-security [interface interface-id]
show port-security [interface interface-id] address Displays all secure MAC addresses configured on all switch interfaces
show port-security interface interface-id vlan
OL-12247-04
Purpose
Displays the administrative and operational status of all switching
(nonrouting) ports or the specified port, including port blocking and
port protection settings.
Displays storm control suppression levels set on all interfaces or the
specified interface for the specified traffic type or for broadcast traffic
if no traffic type is entered.
Displays port security settings for the switch or for the specified
interface, including the maximum allowed number of secure MAC
addresses for each interface, the number of secure MAC addresses on
the interface, the number of security violations that have occurred, and
the violation mode.
or on a specified interface with aging information for each address.
Displays the number of secure MAC addresses configured per VLAN
on the specified interface.
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
Displaying Port-Based Traffic Control Settings
Table 26-4.
26-19