Configuring Learned Port Security Sample Learned Port Security Configuration
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 33-3
Sample Learned Port Security Configuration
This section provides a quick tutorial to perform the following tasks:
• Enabling LPS on a set of switch ports.
• Defining the maximum number of learned MAC addresses allowed on an LPS port.
• Defining the time limit for which source learning is allowed on all LPS ports.
• Selecting a method for handling unauthorized traffic received on an LPS port.
Quick Steps
1 Enable LPS on ports 1/6 through 1/8 using the following commands:
-> port-security port 1/6-8 admin-state enable
2 Set the total number of learned MAC addresses allowed on the same ports to 25 using the following
command:
-> port-security port 1/6-8 maximum 25
3 Configure the amount of time in which source learning is allowed on all LPS ports to 30 minutes using
the following command:
-> port-security learning-window 30
4 Select shutdown for the LPS violation mode using the following command:
-> port-security port 1/6-8 violation shutdown
Note. Optional. To verify LPS port configurations, use the command show port-security. For example:
-> show port-security port 1/1
Port: 1/1
Admin-State : ENABLED,
Operation Mode : ENABLED,
Max MAC bridged : 3,
Trap Threshold : 1,
Violation : RESTRICT
Max MAC filtered : 5,
Low MAC Range : 00:00:00:00:00:00,
High MAC Range : ff:ff:ff:ff:ff:ff,
Violating MAC : NULL
MAC VLAN MAC TYPE OPERATION
-------------------------+--------+-----------------+-----------------
00:11:22:22:22:22 1 STATIC bridging
00:11:22:22:22:21 1 STATIC bridging
00:11:22:22:22:21 1 PSEUDO-STATIC bridging
To verify the new source learning time limit value, use the show port-security learning-window com-
mand. For example:
To Next Page
Loading...
Need help?
General
