Cisco Systems 3130 Displaying Port-Based Traffic Control Settings

25-18

Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide

OL-13270-01

Chapter25 Configuring Port-Based Traffic Control

Displaying Port-Based Traffic Control Settings

This example shows how to configure port security on a PVLAN host and promiscuou s port s

Switch(config)# interface gigabitethernet 1/0/8

Switch(config-if)# switchport private-vlan mapping 2061 2201-2206,3101

Switch(config-if)# switchport mode private-vlan promiscuous

Switch(config-if)# switchport port-security maximum 288

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation restrict

Note Ports that have both port security and private VLANs configured can be labeled secure PVLAN ports.

When a secure address is learned on a secure PVLAN port, th e same secu re add re ss ca nnot be le arne d

on another secure PVLAN port belonging to the same primary VLAN. However, an address learned on

unsecure PVLAN port can be learned on a secure PVLAN port belo nging t o sam e pr imary V LAN.

Secure addresses that are learned on host port get automat icall y repl icat ed on ass ociat ed pri mar y

VLANs, and similarly, secure addresses learned on promiscuous ports automatic ally ge t r eplic ated on

all associated secondary VLANs. Static addresses (using mac-address-table static command) cannot be

user configured on a secure port.

Displaying Port-Based Traffic Control Settings

The show interfaces interface-id switchport privileged EXEC command displays (among other

characteristics) the interface traffic suppression and co ntrol configuration. The show storm-control and

show port-security privileged EXEC commands display those storm control and port security settings.

To display traffic control information, use one or more of the privileged EXEC commands in Table 25-4.

Table25-4 Commands for Displaying Traf fic Control Status and Configuration

Command Purpose

show interfaces [interface-id] switchport Displays the administrative and operational status of all switching

(nonrouting) ports or the specified port, including port blocking and

port protection settings.

show storm-control [interface-id] [broadcast |

multicast | unicast]Displays storm control suppression levels set on all interfaces or the

specified interface for the specified traffic type or for broadcast traf f ic

if no traffic type is entered.

show port-security [interface interface-id] Displays port security settings for the switch or for the specified

interface, including the maximum allowed number of secure MAC

addresses for each interface, the number of secure MAC addresses on

the interface, the number of security violations that have occurred, and

the violation mode.

show port-security [interface interface-id] address Displays all secure MAC addresses configured on all switch interfaces

or on a specified interface with aging information for each address.

show port-security interface interface-id vlan Di splays the number of secure MAC addresses configur ed p er VLAN

on the specified interface.