Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. WS-C2960G-8TC-L
  6. Configuration

Cisco WS-C2960G-8TC-L Configuration page 21

Swtich configuration
Hide thumbs Also See for WS-C2960G-8TC-L:

Advertisement

When an interface is disabled because of a violation with port security, you
can reset the interface with this Configuration mode command: errdisable
recovery cause psecure-violation.
The last two commands in the preceding code listing affect how the switch learns
the secure MAC addresses on the interface. The first one has you specify the exact
MAC address that is allowed to be associated with this interface—this is statically
defining the MAC addresses allowed off of the port. The second command uses the
sticky feature, which allows the switch to dynamically learn the MAC address(es)
associated with the interface and convert these dynamic entries to static entries.
The interface will learn MAC addresses only up to the maximum configured value
for that interface. After you save your configuration (copy running-config
startup-config), and when you reboot your switch, the sticky-learned
addresses appear as statically secure addresses. Basically, sticky learning lets you
avoid having to configure the MAC addresses associated with the interface.
If you don't statically define the MAC addresses or use sticky learning to learn
them with port security, dynamic learning is used. Dynamic learning is similar to
sticky learning in that the switch will learn the MAC addresses dynamically off of
the interface up to the maximum defined; however, unlike sticky learning, these
addresses are not saved: every time the switch boots up or the interface is reset, the
MAC addresses are relearned for the interface.
Sticky learning allows a
switch to dynamically learn MAC addresses
up to the maximum allowed for the
interface, which is then automatically saved
in the switch's configuration.This is used
Port Security Verification
To verify your configuration, use the show port-security interface
command:
switch# show port-security interface fa0/2
Port Security : Enabled
Port status : SecureUp
Violation mode : Restrict
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Port Security Feature
as the most efficient way of learning the
MAC addresses connected to the switch.
Statically configuring a MAC address is
typically used for network devices such as
servers and routers.
377

Advertisement

loading

Related Manuals for Cisco WS-C2960G-8TC-L

Related Products for Cisco WS-C2960G-8TC-L