Configuring and Monitoring Port Security
MAC Lockdown
MAC Lockdown Operating Notes
Limits. There is a limit of 500 MAC Lockdowns that you can safely code per switch. To truly lock down a MAC address, it would be necessary to use the MAC Lockdown command for every MAC address and VLAN ID on every switch. In reality, few network administrators will go to this length, but it is important to note that even if you have locked down the MAC address and VID on a single switch, the device (or a hacker “spoofing” the MAC address for the device) may still be able to use another switch that has not been locked down.
Event Log Messages. If someone using a locked-down MAC address attempts to communicate through the wrong port, the “move attempt” generates messages in the log file like this:
Move attempt (lockdown) logging:
W10/30/03 21:33:43 maclock: module A: Move
W10/30/03 21:33:48 maclock: module A: Move
W10/30/03 21:33:48 maclock: module A: Ceasing
These messages in the log file can be useful for troubleshooting problems. If you try to connect a locked-down device to the wrong port, it will not work, but it will generate error messages like these to help you determine the problem.
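One way to triage these entries when reviewing an exported log, as an added example that is not part of the manual: it parses only the fields visible in the excerpt above (severity letter, date, time, "maclock", module, message start) and counts move attempts per module. The function name, the sample lines beyond the first three, and the reading of a "Ceasing" entry as the start of log throttling are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: the first three lines are the excerpt above (the text
# after "Move"/"Ceasing" is cut off there); the last two are made up.
SAMPLE_LOG = """\
W10/30/03 21:33:43 maclock: module A: Move
W10/30/03 21:33:48 maclock: module A: Move
W10/30/03 21:33:48 maclock: module A: Ceasing
I10/30/03 21:40:02 other: unrelated entry
W10/30/03 22:01:10 maclock: module B: Move
"""

# Severity letter, optional space, date, time, subsystem, module, message text.
LINE_RE = re.compile(
    r"^(?P<sev>[A-Z])\s?(?P<ts>\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) "
    r"maclock: module (?P<module>\w+): (?P<msg>.*)$"
)

def summarize_maclock(log_text):
    """Return per-module counts of logged move attempts and throttle markers."""
    stats = defaultdict(lambda: {"moves": 0, "throttled": False,
                                 "first": None, "last": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a maclock entry
        ts = datetime.strptime(m["ts"], "%m/%d/%y %H:%M:%S")
        s = stats[m["module"]]
        s["first"] = s["first"] or ts
        s["last"] = ts
        if m["msg"].startswith("Move"):
            s["moves"] += 1
        elif m["msg"].startswith("Ceasing"):
            # Assumption: logging is throttled from here on, so "moves" is
            # only a lower bound on the real number of attempts.
            s["throttled"] = True
    return dict(stats)

if __name__ == "__main__":
    for module, s in sorted(summarize_maclock(SAMPLE_LOG).items()):
        bound = "at least " if s["throttled"] else ""
        print(f"module {module}: {bound}{s['moves']} move attempt(s), "
              f"{s['first']} to {s['last']}")
```

A module reported with "at least" deserves a closer look, because the logged count stops tracking the real number of attempts once throttling begins.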
Limiting the Frequency of Log Messages. The first move attempt (or intrusion) is logged as you see in the example above. Subsequent move attempts send a message to the log file also, but message throttling is imposed on the logging on a