Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

Send feedback to nx5000-docfeedback@cisco.com
45-12
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 45 Configuring Port Security
Port Security Configuration Distribution
switch(config-port-security)# any-wwn interface fc slot/port
Port Security Configuration Distribution
The port security feature uses the Cisco Fabric Services (CFS) infrastructure to enable efficient database
management, provide a single point of configuration for the entire fabric in the VSAN, and enforce the
port security policies throughout the fabric (see Chapter 21, “Using Cisco Fabric Services”).
This section contains the following topics:
Enabling Distribution, page 45-12
Locking the Fabric, page 45-13
Committing the Changes, page 45-13
Discarding the Changes, page 45-13
Activation and Auto-Learning Configuration Distribution, page 45-13
Enabling Distribution
All the configurations performed in distributed mode are stored in a pending (temporary) database. If
you modify the configuration, you need to commit or discard the pending database changes to the
configurations. The fabric remains locked during this period. Changes to the pending database are not
reflected in the configurations until you commit the changes.
Note Port activation or deactivation and auto-learning enable or disable do not take effect until after a CFS
commit if CFS distribution is enabled. Always follow any one of these operations with a CFS commit to
ensure proper configuration. See the Activation and Auto-Learning Configuration Distribution” section
on page 45-13.
For example, if you activate port security, follow up by disabling auto-learning, and finally commit the
changes in the pending database, then the net result of your actions is the same as entering a
port-security activate vsan vsan-id no-auto-learn command.
Tip We recommend that you perform a commit after you activate port security and after you enable auto
learning.
To enable the port security distribution, perform this task:
Command Purpose
Step 1
switch# configuration terminal
switch(config)#
Enters configuration mode.
Step 2
switch(config)# port-security distribute
Enables distribution.
switch(config)# no port-security distribute
Disables distribution.