2-454
Catalyst 6500 Series Switch Command Reference—Release8.1
78-15474-01
Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands set port security
set port security
To configure port security on a port or range of ports, use the set port se c uri ty command.
set port security mod[/port...] [enable | disable] [mac_addr] [age {age_time}]
[maximum {num_ of_mac}] [shutdown {shutdown_time}] [unicast-flood {enable | disable}]
[violation {shutdown | restrict}]
Syntax Description
Defaults The default port security configuration is as follows:
Port security is disabled.
Number of secure addresses per port is one.
Violation action is shutdown.
Age is permanent. (Addresses are not aged out.)
Shutdown time is indefinite.
Unicast flooding is enabled.
Command Types Switch command.
Command Modes Privileged.
mod[/port...] Number of the module and optionally, the port on the module.
enable (Optional) Enables port security or unicast flooding.
disable (Optional) Disables port security or unicast flooding.
mac_addr (Optional) Secure MAC address of the enabled port.
age age_time (Optional) Specifies the duration for which addresses on the port
will be secured; valid values are 0 (to disable) and from 1 to 1440
(minutes).
maximum
num_of_mac (Optional) Specifies the maximum number of MAC addresses to
secure on the port; valid values are from 1 to 4097.
shutdown
shutdown_time (Optional) Specifies the duration for which a port will remain
disabled in case of a security violation; valid values are 0 (to
disable) and from 1 to 1440 (minutes).
unicast-flood (Optional) Specifies unicast flooding.
violation (Optional) Specifies the action to be taken in the event of a security
violation.
shutdown (Optional) Shuts down the port in the event of a security violation.
restrict (Optional) Restricts packets from unsecure hosts.