14-24
Configuring and Monitoring Port Security
MAC Lockdown
Figure 14-14.Example showing a MAC Address cleared from the MAC Address Table.
MAC Lockdown
MAC Lockdown, also known as “static addressing,” is the permanent assign-
ment of a given MAC address (and VLAN, or Virtual Local Area Network) to
a specific port on the switch. MAC Lockdown is used to prevent station
movement and MAC address hijacking. It also controls address learning on
the switch.
Locking down a MAC address on a port and a specific VLAN only restricts the
MAC address on that VLAN. The client device with that MAC address is
allowed to access other VLANs on the same port or through other ports.
Note Port security and MAC Lockdown are mutually exclusive on a given port. You
can either use port security or MAC Lockdown, but never both at the same
time on the same port.
HP Switch(config)# show mac-address vlan 2
Status and Counters - Address Table - VLAN 2
MAC Address Located on Port
------------- ---------------
00000c-07ac00 2
000102-03db12 2
0001e6-b197a8 2
HP Switch(config)# clear mac-address vlan 2 mac 0001e6-b197a8
HP Switch(config)# show mac-address vlan 2
Status and Counters - Address Table - VLAN 2
MAC Address Located on Port
------------- ---------------
00000c-07ac00 2
000102-03db12 2
Syntax: [no] static-mac < mac-addr > vlan < vid > interface < port-number >
To Next Page
Loading...
Need help?
General