Users Guide

Layer 2 Switching Commands
Enabling sticky mode configuration converts all the existing dynamically
learned MAC addresses on an interface to sticky. It also converts the last
violation MAC address to sticky, even if the dynamic limit is set to 0. These
MAC addresses will not age out and will appear in the running-config. In
addition, new addresses learned on the interface will also become sticky. Note
that sticky is not the same as static – the difference is that all sticky addresses
for an interface are removed from the running-config when the interface is
taken out of sticky mode. Static addresses must be removed from the
running-config individually. Save the running-config to ensure that sticky
addresses survive a switch boot.
Sticky MAC addresses appear in the running-config in the following form:
switchport port-security mac-address sticky 0011.2233.4455 vlan 33
Statically locked MAC addresses appear in the running-config in the
following form:
switchport port-security mac-address 0011.2233.4455 vlan 33
In order for sticky or static MAC addresses to survive a reboot, the
configuration must be saved.
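The check below is an added example, not part of the original guide or the switch software: it compares a running-config with a saved configuration and lists the sticky or static MAC entries that exist only in the running-config and would therefore be lost on reboot. The `interface <name>` / `exit` stanza layout, the function names and both sample configurations are assumptions constructed for illustration; only the two `switchport port-security mac-address` line forms come from the text above.

```python
import re

# Matches the two running-config forms shown above; "sticky" is optional.
ENTRY = re.compile(
    r"^\s*switchport port-security mac-address (sticky )?"
    r"([0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}) vlan (\d+)\s*$"
)

def locked_macs(config_text):
    """Return {(interface, mac, vlan): 'sticky' | 'static'} for one config."""
    entries, interface = {}, None
    for line in config_text.splitlines():
        if line.startswith("interface "):   # assumed stanza header
            interface = line.split(None, 1)[1].strip()
        elif line.strip() == "exit":        # assumed stanza terminator
            interface = None
        else:
            m = ENTRY.match(line)
            if m and interface:
                kind = "sticky" if m.group(1) else "static"
                entries[(interface, m.group(2).lower(), int(m.group(3)))] = kind
    return entries

def unsaved_entries(running_text, saved_text):
    """Locked MACs in the running-config that a reboot would lose."""
    running, saved = locked_macs(running_text), locked_macs(saved_text)
    return sorted(k + (v,) for k, v in running.items() if saved.get(k) != v)

# Constructed sample configurations (not taken from a real switch).
RUNNING = """interface Gi1/0/1
switchport port-security mac-address sticky 0011.2233.4455 vlan 33
switchport port-security mac-address 0011.2233.4466 vlan 33
exit
interface Gi1/0/2
switchport port-security mac-address sticky 00AA.BBCC.DDEE vlan 40
exit
"""
SAVED = """interface Gi1/0/1
switchport port-security mac-address 0011.2233.4466 vlan 33
exit
interface Gi1/0/2
exit
"""

if __name__ == "__main__":
    for iface, mac, vlan, kind in unsaved_entries(RUNNING, SAVED):
        print(f"{iface}: {kind} {mac} vlan {vlan} is not in the saved config")
```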
Dynamic port security may be implemented on a VLAN or interface basis.
Use the switchport port-security dynamic vlan vlan-id maximum val or
switchport port-security dynamic vlan range vlan-range maximum val syntax
to configure VLAN security. Use the switchport port-security dynamic val
syntax to configure port based security.
VLAN port security allows the administrator to secure the network by locking
a station to a particular VLAN. Packets with a matching source MAC address
are forwarded normally in the identified VLAN. All other packets in the
VLAN are dropped.
Port security must be enabled globally to enable VLAN port security. Either or
both may be enabled. Interface port security and VLAN port security may be
configured simultaneously on a port. In the case of conflicts in configuration,
VLAN port security is given precedence.
A maximum of 600 MAC addresses may be learned on a VLAN with VLAN port
security enabled.