Support User Manuals

D-Link DES-7200 Refrigerator User Manual

Open as PDF

of 1968

DES-7200 Configuration Guide Chapter 5 Port-based Flow Control Configuration

5-7

share with the ACLs the hardware resources of the system. Therefore, when you apply

the ACLs on one secure port, the IP+MAC addresses and IP addresses on the port

can be configured with less secure addresses.

The secure addresses for the same secure port must have the same format, namely

either all or none of them are bound with IP addresses. If a security port includes these

two types of security addresses at the same time, the secure address not bound with

the IP address will fail (the secure address bound with the IP address has a high

priority).

5.3.2.3 Configuration of Secure Ports

and Violation Handling Modes

In the interface configuration mode, configure secure ports and violation handling

modes by using the following commands:

Command Function

DES-7200(config-if)# switchport

port-security

Enable the port security function of this interface.

DES-7200(config-if)# switchport

port-security maximum value

Set the maximum number of secure addresses on the

interface. The range is between 1 and 1000 and the

default value is 128.

DES-7200(config-if)# switchport

port-security violation{protect |

restrict | shutdown}

Set the violation handling mode:

protect: Protected port. When the number of secure

addresses if full, the security port will discard the

packets from unknown address (that is, not any among

the secure addresses of the port).

restrict: In the case of violation, a Trap notification is

sent

shutdown: In the case of violation, the port is shut down

and a Trap notification is sent. When a port is closed

because of violation, you can recover it from the error

status by using the errdisable recovery command in

the global configuration mode.

DES-7200(config-if)# switchport

port-security mac-address sticky

Enable the Sticky MAC address learning.

In the interface configuration mode, you can disable the port security function of an

interface with the command no switchport port-security. Use the command no

switchport port-security maximum to recover to the default maximum value. Use

the command no switchport port-security violation to set violation handling to the

default mode. Use the command no switchport port-security mac-address sticky to

set the Sticky MAC address learning to the default mode.

previous next