Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)
Send feedback to nx5000-docfeedback@cisco.com
45-15
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 45 Configuring Port Security
Database Interaction
Caution If you do not follow these two conditions, the merge will fail. The next distribution will forcefully
synchronize the databases and the activation states in the fabric.
Database Interaction
Table 45-4 lists the differences and interaction between the active and configuration databases.
Note You can overwrite the configuration database with the active database using the port-security database
copy vsan command. The port-security database diff active vsan command in EXEC mode lists the
differences between the active database and the configuration database.
This section includes the following topics:
• Database Scenarios, page 45-15
• Copying the Port Security Database, page 45-17
• Deleting the Port Security Database, page 45-18
• Clearing the Port Security Database, page 45-18
Database Scenarios
Figure 45-1 illustrates various scenarios showing the active database and the configuration database
status based on port security configurations.
Table 45-4 Active and Configuration Port Security Databases
Active Database Configuration Database
Read-only. Read-write.
Saving the configuration only saves the activated
entries. Learned entries are not saved.
Saving the configuration saves all the entries in
the configuration database.
Once activated, all devices that have already
logged into the VSAN are also learned and added
to the active database.
Once activated, the configuration database can be
modified without any effect on the active
database.
You can overwrite the active database with the
configured database by activating the port
security database. Forcing an activation may
violate the entries already configured in the active
database.
You can overwrite the configuration database with
the active database.