KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch

351

352

353

354

355

356

357

358

359

360

configured

Must specify which MAC addresses are allowed for this port. Range is 1 (default)

to 64 and addresses are not ageable. Addresses are saved across reboots.

limited-continuous

Also known as MAC Secure, or "limited" mode. The limited parameter sets a finite

limit to the number of learned addresses allowed per port. (You can set the range

from 1, the default, to a maximum of 32 MAC addresses which may be learned

by each port.)

All addresses are ageable, meaning they are automatically removed from the

authorized address list for that port after a certain amount of time. Limited mode

and the address limit are saved across reboots, but addresses which had been

learned are lost during the reboot process.

Addresses learned in the limited mode are normal addresses learned from the

network until the limit is reached, but they are not configurable. (You cannot enter

or remove these addresses manually if you are using learn-mode with the

limited-continuous option.)

Addresses learned this way appear in the switch and port address tables and age

out according to the MAC Age Interval in the System Information configuration

screen of the Menu interface or the show system information listing. You can set

the MAC age out time using the CLI, SNMP, Web, or menu interfaces. For more

on the mac-age-time command, see "Interface Access and System Information" in

the Management and Configuration Guide for your switch. To set the learn-mode

to limited use this command syntax:

port-security <port-list> learn-mode limited addresslimit

<1..32> action <none | send-alarm | send-disable>

The default address-limit is 1 but may be set for each port to learn up to 64

addresses.

The default action is none.

To see the list of learned addresses for a port use the command:

show mac port-list

address-limit <integer>

When learn-mode is set to static, configured, or limited-continuous,

the address-limit parameter specifies how many authorized devices (MAC

addresses) to allow. Range: 1 (the default) to 8 for static and configured modes.

For learn-mode with the limited-continuous option, the range is 1-32

addresses.

Available for learn-mode with the, static, configured, or

limited-continuous option. Allows up to eight authorized devices (MAC

addresses) per port, depending on the value specified in the address-limit

parameter. The mac-address limited-continuous mode allows up to 32

authorized MAC addresses per port.If you use mac-address with static, but enter

fewer devices than you specified in the address-limit field, the port accepts not only

your specified devices, but also as many other devices as it takes to reach the

device limit. For example, if you specify four devices, but enter only two MAC

addresses, the port will accept the first two non-specified devices it detects, along

with the two specifically authorized devices. Learned addresses that become

authorized do not age-out. See also “Retention of static addresses” (page 399).

action <none | send-alarm | send-disable>

Configuring 359