mac

Command: switchport port-security timeout <value>

no switchport port-security timeout

Function: Set the timer for port locking; the no command restores the default setting.

Parameter: <value> is the timeout value, the valid range is 0 to 300s.

Command mode: Port Mode.

Default: Port locking timer is not enabled by default.

Usage Guide: The port locking timer function is a dynamic MAC address locking function.

MAC address locking and conversion of dynamic MAC entries to secure address entries

will be performed on locking timer timeout. The MAC address binding function must be

enabled prior to running this command.

Example: Set port1 locking timer to 30 seconds.

Switch(config)#interface Ethernet 1/1

Switch(Config-If-Ethernet1/1)#switchport port-security timeout 30

5.2.14 switchport port-security violation

Command: switchport port-security violation {protect | shutdown} [recovery

<30-3600>]

no switchport port-security violation

Function: Configure the port violation mode. The no restores the violation mode to

protect.

Command Mode: Port mode.

Parameter: protect refers to protect mode

shutdown refers to shutdown mode

recovery: configure the border port can be recovered automatically after

implement shutdown violation operation

<30-3600>: the recovery time, do not recover it by default

Default: The port violation mode is protect by default.

Usage Guide: The port violation mode configuration is only available after the MAC

address binding function is enabled. when the port secure MAC address exceeds the

security MAC limit, if the violation mode is protect, the port only disable the dynamic MAC

address learning function; while the port will be shut if at shutdown mode. Users can

manually open the port with no shutdown command.

Example: Set the violation mode of port 1 to shutdown.

Switch(config)#interface Ethernet 1/1

Switch(Config-If-Ethernet1/1)#switchport port-security violation shutdown recovery 60