Port-Security Ntk-Mode - H3C S3100 Series Command Manual
Hide thumbs
Also See for S3100 Series:
- Command manual (1244 pages) ,
- Operation manual (1057 pages) ,
- Installation manual (94 pages)
Table of Contents
Advertisement
Command Manual ( For Soliton ) – Port Security-Port Binding
H3C S3100 Series Ethernet Switches
Examples
# Set the maximum number of MAC addresses allowed on the port to 100.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] port-security enable
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] port-security max-mac-count 100
1.1.8 port-security ntk-mode
Syntax
port-security ntk-mode { ntkonly | ntk-withbroadcasts | ntk-withmulticasts }
undo port-security ntk-mode
View
Ethernet port view
Parameters
ntkonly:
successfully-authenticated destination MAC addresses.
ntk-withbroadcasts: Allows the port to transmit broadcast packets and unicast
packets with successfully-authenticated destination MAC addresses.
ntk-withmulticasts: Allows the port to transmit multicast packets, broadcast packets
and unicast packets with successfully-authenticated destination MAC addresses.
Description
Use the port-security ntk-mode command to configure the NTK feature on the port.
Use the undo port-security ntk-mode command to restore the default setting.
Be default, NTK is disabled on a port, namely all frames are allowed to be sent.
Note:
By checking the destination MAC addresses of the data frames to be sent from a port,
the NTK feature ensures that only successfully authenticated devices can obtain data
frames from the port, thus preventing illegal devices from intercepting network data.
Examples
# Set the NTK feature to ntk-withbroadcasts on Ethernet 1/0/1.
Allows
the
port
Chapter 1 Port Security Commands
to
transmit
only
1-13
unicast
packets
with
Hide quick links:
Advertisement
Chapters
Table of Contents
