Configuring Ethernet Ports Clearing Ethernet Port Violations
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 1-19
Clearing Ethernet Port Violations
The following switch applications may trigger a violation condition on one or more ports:
• Learned Port Security (LPS)
• Quality of Service (QoS)
• Network Security
• UniDirectional Link Detection (UDLD)
• Fabric stability related violations
Depending on the application and type of violation, specific actions are taken when a violation is detected
on the port. For example, an application may take one of the following actions when the violation triggers
a port shut down:
• Admin Down—deactivates the physical port.
• Simulated Down—the physical port shows as active but the applications are not allowed to access the
port link. The port is put in a blocking state.
A security violation may occur under the following conditions:
• A port is configured as a secure port and the number of secure MAC addresses learned on the port has
exceeded the maximum value.
• A device with a secure MAC address that is configured or learned on one of the secure ports attempts
to access another secure port.
Consider the following regarding link aggregate security violations:
• When a violation occurs on a physical port that is a member of a link aggregate, the violation affects
the entire link aggregate group. All ports on that link aggregate are either restricted or shut down.
• When the violations are cleared for the entire link aggregate group, the whole link aggregate group is
reactivated.
• When a simulated down violation occurs, toggling the link clears the violation for both the link
aggregates and physical ports.
To view the violation conditions that exist on individual ports or link aggregates, use the show violation
command. For example:
-> show violation
Port Source Action Reason Timer
------+----------+-------------------+----------------+--------
1/1 src lrn simulated down lps shutdown 0
1/2 src lrn simulated down lps restrict 0
‘ ‘ 2‘‘qos‘ ‘ ‘ ‘ admin down policy 0
To clear all the MAC address violation logs and activate the port or link aggregate, use the clear violation
command. For example:
-> clear violation port 1/10
-> clear violation linkagg 10-20
To Next Page
Loading...
Need help?
General
