To Next Page

To Previous Page

set maclock firstarrival

17-58 Security Configuration

Mode

Switchcommand,read‐write.

Example

ThisexampleshowshowtoresetthenumberofallowablestaticMACsonfe.2.3:

D2(rw)->clear maclock static fe.2.3

set maclock firstarrival

UsethiscommandtorestrictMAClockingonaporttoamaximumnumberofendstation

addressesfirstconnectedtothatport.

Syntax

set maclock firstarrival port-string value

Parameters

Defaults

None.

Mode

Switchcommand,read‐write.

Usage

Themaclockfirstarrivalcountresetswhenthelinkgoesdown.Thisfeatureisbeneficialifyou

haveroamingusers—thefirstarrivalcount willbereseteverytimeausermovestoanotherport,

butwillstillprotectagainstconnectingmultipledevicesonasingleportand willprotectagainst

MAC

addressspoofing.

Example

ThisexampleshowshowtorestrictMAClockingto6MACaddressesonfe.2.3:

D2(su)->set maclock firstarrival fe.2.3 6

port‐string SpecifiestheportonwhichtolimitMAClocking.Foradetailed

descriptionofpossibleport‐stringvalues,referto“PortStringSyntaxUsed

intheCLI”onpage 6‐1.

value Specif iesthenumberoffirstarrivalendstationMACaddressestobe

allowedconnectionstotheport.Valid

valuesare0to600.

Note: Setting a port’s first arrival limit to 0 does not deny the first MAC address learned on the port

from passing traffic.

Enterasys D-Series User Manual

Questions and Answers: