Alcatel-Lucent 6850-48 Network Guide

Configuring Learned Port Security
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
Configuring Learned Port Security
This section describes how to use Command Line Interface (CLI) commands to configure Learned Port 
Security (LPS) on a switch. See the 
 for a brief 
tutorial on configuring LPS.
Configuring LPS involves the following procedures:
• Enabling LPS for one or more switch ports. This procedure is described in 
.
• Configuring the source learning time window during which MAC addresses are learned. This procedure is described in 
• Configuring the maximum number of bridged MAC addresses allowed on an LPS port. This procedure 
is described in 
• Configuring the maximum number of filtered MAC addresses allowed on an LPS port. This procedure 
is described in 
• Configuring one or more static authorized MAC addresses. This procedure is described in 
.
• Specifying whether or not an LPS port shuts down all traffic or only restricts traffic when an unauthorized MAC address is received on the port. This procedure is described in 
Enabling/Disabling Learned Port Security
By default, LPS is disabled on all switch ports. To enable LPS on a port, use the port-security command. 
For example, the following command enables LPS on port 1 of slot 4:
-> port-security 4/1 enable
To enable LPS on multiple ports, specify a range of ports or multiple slots. For example:
-> port-security 4/1-5 enable
-> port-security 5/12-20 6/10-15 enable
Note that when LPS is enabled on an active port, all MAC addresses learned on that port prior to the time 
LPS was enabled are cleared from the source learning MAC address table.
To disable LPS on a port, use the port-security command with the disable parameter. For example, the 
following command disables LPS on a range of ports:
-> port-security 5/21-24 6/1-4 disable
To disable all the LPS ports on a chassis, use the port-security chassis disable command, as shown:
-> port-security chassis disable
When LPS is disabled on a port, MAC address entries for that port are retained in the LPS table. The next 
time LPS is enabled on the port, the same LPS table entries are again active. If there is a switch reboot 
before the switch configuration is saved, however, dynamic MAC address entries are discarded from the 
table.
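Because LPS is disabled by default and a later disable command can undo an earlier enable, it is useful to replay a command history offline and list the ports that end up without LPS. The following Python script is an added example, not part of the Alcatel-Lucent guide; it handles only the enable/disable command forms shown in this section, and the SAMPLE session and REQUIRED port list are constructed assumptions.

```python
import re

# Command forms shown on this page, with or without the "->" prompt:
#   port-security 4/1 enable / port-security 5/12-20 6/10-15 enable
#   port-security chassis disable
CMD = re.compile(r"^(?:->\s*)?port-security\s+(.+?)\s+(enable|disable)$")
PORTS = re.compile(r"^(\d+)/(\d+)(?:-(\d+))?$")

def expand(spec):
    """Expand 'slot/port' or 'slot/first-last' into a set of (slot, port)."""
    m = PORTS.match(spec)
    if not m:
        raise ValueError(f"unrecognized port spec: {spec!r}")
    slot, first = int(m.group(1)), int(m.group(2))
    last = int(m.group(3)) if m.group(3) else first
    if last < first:
        raise ValueError(f"descending range: {spec!r}")
    return {(slot, p) for p in range(first, last + 1)}

def lps_enabled_ports(lines):
    """Replay commands in order; return the ports left with LPS enabled."""
    enabled = set()
    for line in lines:
        m = CMD.match(line.strip())
        if not m:
            continue  # not an LPS enable/disable command
        target, action = m.groups()
        if target == "chassis":
            if action == "disable":
                enabled.clear()  # chassis disable: LPS off on every port
            continue
        ports = set().union(*(expand(s) for s in target.split()))
        enabled = enabled | ports if action == "enable" else enabled - ports
    return enabled

def unprotected(lines, required):
    """Ports that local policy says need LPS but that end up without it."""
    return sorted(set(required) - lps_enabled_ports(lines))

# Constructed sample session using only command forms from this page.
SAMPLE = [
    "-> port-security 4/1-5 enable",
    "-> port-security 5/12-20 6/10-15 enable",
    "-> port-security 5/18-20 disable",
]
# Hypothetical policy (assumption): these edge ports must run LPS.
REQUIRED = expand("4/1-6") | expand("5/12-20")

if __name__ == "__main__":
    print(unprotected(SAMPLE, REQUIRED))
```

Ports are reported as (slot, port) tuples; an empty list means every required port is covered.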