Type
Sticky
Dynamic
Configuration prerequisites
Enable port security.
•
Set port security's limit on the number of MAC addresses on the port. Perform this task before you
•
enable autoLearn mode.
•
Set the port security mode to autoLearn.
Configuration procedure
To configure a secure MAC address:
Step
1.
Enter system view.
2.
Set the secure MAC
aging timer.
Address sources
Aging mechanism
Sticky MAC addresses by default do not age
out, but you can configure an aging timer or use
Manually added,
the aging timer together with the inactivity aging
converted from
function to delete old sticky MAC addresses:
dynamic secure MAC
•
addresses, or
automatically learned
when the dynamic
secure MAC function
(port-security
•
mac-address
dynamic) is disabled.
Converted from sticky
MAC addresses or
automatically learned
Same as sticky MAC addresses.
after the dynamic
secure MAC function
is enabled.
Command
system-view
port-security timer autolearn aging
time-value
If only an aging timer is configured, the
aging timer counts up regardless of whether
traffic data has been sent from the sticky
MAC address.
If both an aging timer and the inactivity
aging function are configured, the aging
timer restarts once traffic data is detected
from the sticky MAC address.
174
Can be saved and
survive a device
reboot?
Yes.
The secure MAC aging
timer restarts at a
reboot.
No.
All dynamic secure
MAC addresses are
lost at reboot.
Remarks
N/A
Optional.
By default, secure MAC addresses
do note age out, and you can
remove them only by executing the
undo port-security mac-address
security command, changing the
port security mode, or disabling
the port security feature.