HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 141
port-security mac-address dynamic
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 141 highlights
Description Use port-security mac-address aging-type inactivity to enable inactivity aging for secure MAC addresses (sticky or dynamic). Use undo port-security mac-address aging-type inactivity to restore the default. By default, the inactivity aging function is disabled. If only an aging timer is configured, the aging timer counts up regardless of whether traffic data has been sent from the sticky MAC address. When you use an aging timer together with the inactivity aging function, the aging timer restarts once traffic data is detected from the sticky MAC address. The inactivity aging function prevents the unauthorized use of a secure MAC address when the authorized user is offline, and removes outdated secure MAC addresses so new secure MAC addresses can be learned. Related commands: port-security timer autolearn aging, and port-security mac-address dynamic. Examples # Enable inactivity aging for secure MAC addresses on interface GigabitEthernet 1/0/1. system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] port-security mac-address aging-type inactivity port-security mac-address dynamic Syntax port-security mac-address dynamic undo port-security mac-address dynamic View Layer 2 Ethernet interface view Default level 2: System level Parameters None Description Use port-security mac-address dynamic to enable the dynamic secure MAC function. This function converts sticky MAC addresses to dynamic, and disables saving them to the configuration file. Use undo port-security mac-address dynamic to restore the default. By default, sticky MAC addresses can be saved to the configuration file, and once saved, survive a device reboot. After you execute the port-security mac-address dynamic command on a port, you cannot manually configure sticky MAC address, and secure MAC addresses automatically learned by the port in autoLearn mode are also dynamic. All dynamic MAC addresses are lost at reboot. Use this command when you want to clear all sticky MAC addresses after a device reboot. After you execute the undo port-security mac-address dynamic command on a port, all dynamic secure MAC addresses on the port are converted to sticky MAC addresses, and you can manually configure sticky MAC address. 132