29-11
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 29 Configuring Port-Based Traffic Control
How to Configure Port-Based Traffic Control
Configuring Port Blocking
Blocking Flooded Traffic on an Interface
Note The interface can be a physical interface or an EtherChannel group. When you block multicast or unicast
traffic for a port channel, it is blocked on all ports in the port-channel group.
Configuring Port Security
Enabling and Configuring Port Security
Step 3
switchport protected Configures the interface to be a protected port.
Step 4
end Returns to privileged EXEC mode.
Command Purpose
Step 1
configure terminal Enters global configuration mode.
Step 2
interface interface-id Specifies the interface to be configured, and enters interface
configuration mode.
Step 3
switchport block multicast Blocks unknown multicast forwarding out of the port.
Note Only pure Layer 2 multicast traffic is blocked. Multicast
packets that contain IPv4 or IPv6 information in the
header are not blocked.
Step 4
switchport block unicast Blocks unknown unicast forwarding out of the port.
Step 5
end Returns to privileged EXEC mode.
Command Purpose
Step 1
configure terminal Enters global configuration mode.
Step 2
interface interface-id Specifies the interface to be configured, and enters interface configuration
mode.
Step 3
switchport mode {access | trunk} Sets the interface switchport mode as access or trunk. An interface in the
default mode (dynamic auto) cannot be configured as a secure port.
Step 4
switchport voice vlan vlan-id Enables voice VLAN on a port.
vlan-id—Specifies the VLAN to be used for voice traffic.
Step 5
switchport port-security Enables port security on the interface.
Command Purpose
