Home » TP-Link Manuals » Hubs & Switches » TP-Link T1600G-28PS » Manual Viewer

TP-Link T1600G-28PS Jetstream Smart Switches User Guide - Page 688

as permanent and the status as drop

View all TP-Link T1600G-28PS manuals

Add to My Manuals
Save this manual to your list of manuals

Page 688 highlights

Configuring Port Security Port Security Configuration Step 3 Step 4 Step 5 Step 6 mac address-table max-mac-count { [max-number num] [exceed-max-learned enable | disable] [mode { dynamic | static | permanent } ] [ status { forward | drop | disable } ]} Enable the port security feature of the port and configure the related parameters. num: The maximum number of MAC addresses that can be learned on the port. The valid values are from 0 to 64. The default value is 64. exceed-max-learned: With exceed-max-learned enabled, when the maximum number of MAC addresses on the specified port is exceeded, a notification will be generated and sent to the management host. enable: Enable exceed-max-learned. disable: Disable exceed-max-learned. mode: Learn mode of the MAC address. There are three modes: dynamic: The switch will delete the MAC addresses that are not used or updated within the aging time. static: The learned MAC addresses are out of the influence of the aging time and can only be deleted manually. The learned entries will be cleared after the switch is rebooted. permanent: The learned MAC address is out of the influence of the aging time and can only be deleted manually. The learned entries will be saved even the switch is rebooted. status: Status of port security feature. By default, it is disabled. drop: When the number of learned MAC addresses reaches the limit, the port will stop learning and discard the packets with the MAC addresses that have not been learned. forward: When the number of learned MAC addresses reaches the limit, the port will stop learning but send the packets with the MAC addresses that have not been learned. disable: The number limit on the port is not effective, and the switch follows the original forwarding rules. It is the default setting. show mac address-table max-mac-count interface { fastEthernet port | gigabitEthernet port | ten-gigabitEthernet port } Verify the Port Security configuration and the current learned MAC addresses of the port. end Return to privileged EXEC mode. copy running-config startup-config Save the settings in the configuration file. Note: •• Port Security cannot be enabled on the member port of a LAG, and the port with Port Security enabled cannot be added to a LAG. •• On one port, Port Security and 802.1x cannot be enabled at the same time. The following example shows how to set the maximum number of MAC addresses that can be learned on port 1/0/1 as 30, enable exceed-max-leaned feature and configure the mode as permanent and the status as drop: User Guide 663

Section	Page
About This Guide	26
Intended Readers	26
Conventions	26
More Information	27
Accessing the Switch	28
Determine the Management Method	29
Web Interface Access	30
Login	30
Save the Configuration File	31
Disable the Web Server	32
Configure the Switch's IP Address and Default Gateway	33
Command Line Interface Access	35
Console Login (only for switch with console port)	35
Telnet Login	37
SSH Login	38
Disable Telnet login	42
Disable SSH login	43
Copy running-config startup-config	43
Change the Switch's IP Address and Default Gateway	44
Managing System	45
System	46
Overview	46
Supported Features	46
System Info Configurations	48
Using the GUI	48
Viewing the System Summary	48
Configuring the Device Description	51
Configuring the System Time	52
Configuring the Daylight Saving Time	53
Using the CLI	54
Viewing the System Summary	54
Configuring the Device Description	55
Configuring the System Time	56
Configuring the Daylight Saving Time	59
User Management Configurations	61
Using the GUI	61
Creating Accounts	61
Configuring Enable Password	62
Using the CLI	63
Creating Accounts	63
Configuring Enable Password	64
System Tools Configurations	67
Using the GUI	67
Configuring the Boot File	67
Restoring the Configuration of the Switch	69
Backing up the Configuration File	69
Upgrading the Firmware	70
Rebooting the switch	71
Reseting the Switch	72
Using the CLI	72
Configuring the Boot File	72
Restoring the Configuration of the Switch	74
Backing up the Configuration File	74
Upgrading the Firmware	75
Rebooting the Switch	75
Reseting the Switch	77
EEE Configuration	78
Using the CLI	78
PoE Configurations (Only for Certain Devices)	80
Using the GUI	81
Configuring the PoE Parameters Manually	81
Configuring the PoE Parameters Using the Profile	84
Using the CLI	87
Configuring the PoE Parameters Manually	87
Configuring the PoE Parameters Using the Profile	89
SDM Template Configuration	92
Using the GUI	92
Using the CLI	93
Time Range Configuration	95
Using the GUI	95
Adding Time Range Entries	95
Configuring Holiday	97
Using the CLI	98
Adding Time Range Entries	98
Configuring Holiday	99
Example for PoE Configurations	101
Network Requirements	101
Configuring Scheme	101
Using the GUI	101
Using the CLI	104
Appendix: Default Parameters	106
Managing Physical Interfaces	109
Physical Interface	110
Overview	110
Supported Features	110
Basic Parameters Configurations	111
Using the GUI	111
Using the CLI	112
Port Isolation Configurations	115
Using the GUI	115
Using the CLI	116
Loopback Detection Configuration	118
Using the GUI	118
Using the CLI	120
Configuration Examples	122
Example for Port Isolation	122
Network Requirements	122
Configuration Scheme	122
Using the GUI	122
Using the CLI	124
Example for Loopback Detection	125
Network Requirements	125
Configuration Scheme	125
Using the GUI	126
Using the CLI	127
Appendix: Default Parameters	128
Configuring LAG	129
LAG	130
Overview	130
Supported Features	130
LAG Configuration	131
Using the GUI	132
Configuring Load-balancing Algorithm	132
Configuring Static LAG or LACP	133
Using the CLI	135
Configuring Load-balancing Algorithm	135
Configuring Static LAG or LACP	136
Configuration Examples	140
Example for Static LAG	140
Network Requirements	140
Configuration Scheme	140
Using the GUI	140
Using the CLI	141
Example for LACP	142
Network Requirements	142
Configuration Scheme	142
Using the GUI	143
Using the CLI	144
Appendix: Default Parameters	147
Managing MAC Address Table	148
MAC Address Table	149
Overview	149
Supported Features	149
MAC Address Configurations	151
Using the GUI	151
Adding Static MAC Address Entries	151
Modifying the Aging Time of Dynamic Address Entries	153
Adding MAC Filtering Address Entries	154
Viewing Address Table Entries	154
Using the CLI	155
Adding Static MAC Address Entries	155
Modifying the Aging Time of Dynamic Address Entries	156
Adding MAC Filtering Address Entries	157
Appendix: Default Parameters	159
Configuring 802.1Q VLAN	160
Overview	161
802.1Q VLAN Configuration	162
Using the GUI	163
Configuring the VLAN	163
Configuring Port Parameters for 802.1Q VLAN	164
Using the CLI	165
Creating a VLAN	165
Adding the Port to the Specified VLAN	166
Configuring the Port	167
Configuration Example	169
Network Requirements	169
Configuration Scheme	169
Network Topology	170
Using the GUI	170
Using the CLI	173
Appendix: Default Parameters	176
Configuring MAC VLAN	177
Overview	178
MAC VLAN Configuration	179
Using the GUI	179
Configuring 802.1Q VLAN	179
Binding the MAC Address to the VLAN	179
Enabling MAC VLAN for the Port	180
Using the CLI	181
Configuring 802.1Q VLAN	181
Binding the MAC Address to the VLAN	181
Enabling MAC VLAN for the Port	182
Configuration Example	183
Network Requirements	183
Configuration Scheme	183
Using the GUI	184
Using the CLI	189
Appendix: Default Parameters	193
Configuring Protocol VLAN	194
Overview	195
Protocol VLAN Configuration	196
Using the GUI	196
Configuring 802.1Q VLAN	196
Creating Protocol Template	197
Configuring Protocol VLAN	198
Using the CLI	199
Configuring 802.1Q VLAN	199
Creating a Protocol Template	199
Configuring Protocol VLAN	200
Configuration Example	203
Network Requirements	203
Configuration Scheme	203
Using the GUI	205
Using the CLI	211
Appendix: Default Parameters	215
Configuring GVRP	216
Overview	217
GVRP Configuration	218
Using the GUI	219
Using the CLI	220
Configuration Example	223
Network Requirements	223
Configuration Scheme	223
Using the GUI	224
Using the CLI	228
Appendix: Default Parameters	232
Configuring Layer 2 Multicast	233
Layer 2 Multicast	234
Overview	234
Supported Features	236
IGMP Snooping Configuration	237
Using the GUI	237
Configuring IGMP Snooping Globally	237
Configuring IGMP Snooping for VLANs	238
Configuring IGMP Snooping for Ports	242
Configuring Hosts to Statically Join a Group	242
Using the CLI	243
Configuring IGMP Snooping Globally	243
Configuring IGMP Snooping for VLANs	245
Configuring IGMP Snooping for Ports	250
Configuring Hosts to Statically Join a Group	251
MLD Snooping Configuration	253
Using the GUI	253
Configuring MLD Snooping Globally	253
Configuring MLD Snooping for VLANs	254
Configuring MLD Snooping for Ports	257
Configuring Hosts to Statically Join a Group	257
Using the CLI	258
Configuring MLD Snooping Globally	258
Configuring MLD Snooping for VLANs	259
Configuring MLD Snooping for Ports	264
Configuring Hosts to Statically Join a Group	265
MVR Configuration	267
Using the GUI	267
Configuring 802.1Q VLANs	267
Configuring MVR Globally	268
Adding Multicast Groups to MVR	269
Configuring MVR for the Port	270
(Optional) Adding Ports to MVR Groups Statically	271
Using the CLI	272
Configuring 802.1Q VLANs	272
Configuring MVR Globally	272
Configuring MVR for the Ports	274
Multicast Filtering Configuration	277
Using the GUI	277
Creating the Multicast Profile	277
Configure Multicast Filtering for Ports	279
Using the CLI	280
Creating the Multicast Profile	280
Binding the Profile to Ports	283
Viewing Multicast Snooping Information	287
Using the GUI	287
Viewing IPv4 Multicast Table	287
Viewing IPv4 Multicast Statistics on Each Port	288
Viewing IPv6 Multicast Table	289
Viewing IPv6 Multicast Statistics on Each Port	290
Using the CLI	291
Viewing IPv4 Multicast Snooping Information	291
Viewing IPv6 Multicast Snooping Configurations	292
Configuration Examples	293
Example for Configuring Basic IGMP Snooping	293
Network Requirements	293
Configuration Scheme	293
Using the GUI	294
Using the CLI	296
Example for Configuring MVR	298
Network Requirements	298
Network Topology	298
Configuration Scheme	299
Using the GUI	299
Using the CLI	302
Example for Configuring Unknown Multicast and Fast Leave	305
Network Requirement	305
Configuration Scheme	306
Using the GUI	306
Using the CLI	308
Example for Configuring Multicast Filtering	309
Network Requirements	309
Configuration Scheme	309
Network Topology	310
Using the GUI	310
Using the CLI	314
Appendix: Default Parameters	317
Default Parameters for IGMP Snooping	317
Default Parameters for MLD Snooping	318
Default Parameters for MVR	319
Default Parameters for Multicast Filtering	319
Configuring Spanning Tree	320
Spanning Tree	321
Overview	321
Basic Concepts	321
STP/RSTP Concepts	321
MSTP Concepts	325
STP Security	326
STP/RSTP Configurations	329
Using the GUI	329
Configuring STP/RSTP Parameters on Ports	329
Configuring STP/RSTP Globally	331
Verifying the STP/RSTP Configurations	333
Using the CLI	335
Configuring STP/RSTP Parameters on Ports	335
Configuring Global STP/RSTP Parameters	337
Enabling STP/RSTP Globally	339
MSTP Configurations	341
Using the GUI	341
Configuring Parameters on Ports in CIST	341
Configuring the MSTP Region	344
Configuring MSTP Globally	348
Verifying the MSTP Configurations	350
Using the CLI	351
Configuring Parameters on Ports in CIST	351
Configuring the MSTP Region	354
Configuring Global MSTP Parameters	357
Enabling Spanning Tree Globally	359
STP Security Configurations	361
Using the GUI	361
Using the CLI	362
Configuring the STP Security	362
Configuration Example for MSTP	365
Network Requirements	365
Configuration Scheme	365
Using the GUI	366
Using the CLI	372
Appendix: Default Parameters	379
Configuring LLDP	381
LLDP	382
Overview	382
Supported Features	382
LLDP Configurations	383
Using the GUI	383
Configuring LLDP Globally	383
Configuring LLDP For the Port	385
Using the CLI	386
Global Config	386
Port Config	388
LLDP-MED Configurations	391
Using the GUI	391
Configuring LLDP Globally	391
Configuring LLDP-MED Globally	391
Configuring LLDP-MED for Ports	392
Using the CLI	394
Global Config	394
Port Config	395
Viewing LLDP Settings	398
Using GUI	398
Viewing LLDP Device Info	398
Viewing LLDP Statistics	402
Using CLI	403
Viewing LLDP-MED Settings	404
Using GUI	404
Using CLI	407
Configuration Example	408
Configuration Example for LLDP	408
Network Requirements	408
Network Topology	408
Configuration Scheme	408
Using the GUI	408
Using CLI	409
Example for LLDP-MED	415
Network Requirements	415
Configuration Scheme	415
Using the GUI	415
Using CLI	418
Appendix: Default Parameters	421
Configuring Layer 3 Interfaces	422
Overview	423
Layer 3 Interface Configurations	424
Using the GUI	424
Creating an Layer 3 Interface	424
Configuring IPv4 Parameters of the Interface	426
Configuring IPv6 Parameters of the Interface	427
Viewing Detail Information of the Interface	430
Using the CLI	431
Creating an Layer 3 Interface	431
Configuring IPv4 Parameters of the Interface	433
Configuring IPv6 Parameters of the Interface	434
Configuration Example	437
Network Requirement	437
Configuration Scheme	437
Using the GUI	437
Using the CLI	438
Appendix: Default Parameters	440
Configuring Routing	441
Overview	442
IPv4 Static Routing Configuration	443
Using the GUI	443
Using the CLI	444
IPv6 Static Routing Configuration	445
Using the GUI	445
Using the CLI	445
Viewing Routing Table	447
Using the GUI	447
Viewing IPv4 Routing Table	447
Viewing IPv6 Routing Table	448
Using the CLI	448
Viewing IPv4 Routing Table	448
Viewing IPv6 Routing Table	449
Example for Static Routing	450
Network Requirements	450
Configuration Scheme	450
Using the GUI	450
Using the CLI	452
Configuring DHCP Service	455
DHCP	456
Overview	456
Supported Features	456
DHCP Server Configuration	461
Using the GUI	461
Enabling DHCP Server	461
Configuring DHCP Server Pool	463
Configuring Manual Binding	464
Using the CLI	465
Enabling DHCP Server	465
Configuring DHCP Server Pool	468
Configuring Manual Binding	471
DHCP Relay Configuration	474
Using the GUI	474
Enabling DHCP Relay and Configuring Option 82	474
Configuring DHCP Interface Relay	476
Configuring DHCP VLAN Relay	476
Using the CLI	478
Enabling DHCP Relay	478
(Optional) Configuring Option 82	479
Configuring DHCP Interface Relay	481
Configuring DHCP VLAN Relay	482
DHCP L2 Relay Configuration	485
Using the GUI	485
Enabling DHCP L2 Relay	485
Configuring Option 82 for Ports	486
Using the CLI	487
Enabling DHCP L2 Relay	487
Configuring Option 82 for Ports	488
Configuration Examples	491
Example for DHCP Server	491
Network Requirements	491
Configuration Scheme	491
Using the GUI	491
Using the CLI	493
Example for DHCP Interface Relay	493
Network Requirements	493
Configuration Scheme	494
Using the GUI	495
Using the CLI	501
Example for DHCP VLAN Relay	503
Network Requirements	503
Configuration Scheme	504
Using the GUI	505
Using the CLI	508
Example for Option 82 in DHCP Relay	510
Network Requirements	510
Configuration Scheme	511
Configuring the DHCP Relay Switch	512
Configuring the DHCP Server	514
Example for DHCP L2 Relay	516
Network Requirements	516
Configuration Scheme	516
Configuring the DHCP Relay Switch	517
Configuring the DHCP Server	520
Appendix: Default Parameters	522
Configuring ARP	525
Overview	526
Supported Features	526
ARP Configurations	528
Using the GUI	528
Viewing the ARP Entries	528
Adding Static ARP Entries Manually	529
Configuring Gratuitous ARP	529
Configuring Proxy ARP	530
Configuring Local Proxy ARP	531
Using the CLI	532
Configuring the ARP Entry	532
Configuring the Gratuitous ARP	534
Configuring Proxy ARP	536
Appendix: Default Parameters	539
Configuring QoS	540
QoS	541
Overview	541
Supported Features	541
Class of Service Configuration	543
Using the GUI	544
Configuring Port Priority	544
Configuring 802.1p Priority	546
Configuring DSCP Priority	548
Specifying the Scheduler Settings	551
Using CLI	552
Configuring Port Priority	552
Configuring 802.1p Priority	554
Configuring DSCP Priority	557
Specifying the Scheduler Settings	561
Bandwidth Control Configuration	564
Using the GUI	564
Configuring Rate Limit	564
Configuring Storm Control	565
Using the CLI	566
Configuring Rate Limit	566
Configuring Storm Control	567
Voice VLAN Configuration	570
Using the GUI	570
Configuring OUI Addresses	570
Configuring Voice VLAN Globally	571

Match case Limit results 1 per page

User Guide

663

Configuring Port Security

Port Security Configuration

Step 3

mac address-table max-mac-count { [max-number

num

] [exceed-max-learned

enable | disable

] [mode

{ dynamic | static | permanent }

] [ status

{ forward | drop | disable }

]}

Enable the port security feature of the port and configure the related parameters.

num

The maximum number of MAC addresses that can be learned on the port. The valid

values are from 0 to 64. The default value is 64.

exceed-max-learned:

With exceed-max-learned enabled, when the maximum number of

MAC addresses on the specified port is exceeded, a notification will be generated and sent

to the management host.

enable:

Enable exceed-max-learned.

disable:

Disable exceed-max-learned.

mode

: Learn mode of the MAC address. There are three modes:

dynamic

: The switch will delete the MAC addresses that are not used or updated within the

aging time.

static

: The learned MAC addresses are out of the influence of the aging time and can only

be deleted manually. The learned entries will be cleared after the switch is rebooted.

permanent

: The learned MAC address is out of the influence of the aging time and can only

be deleted manually. The learned entries will be saved even the switch is rebooted.

status

: Status of port security feature. By default, it is disabled.

drop

: When the number of learned MAC addresses reaches the limit, the port will stop

learning and discard the packets with the MAC addresses that have not been learned.

forward

: When the number of learned MAC addresses reaches the limit, the port will stop

learning but send the packets with the MAC addresses that have not been learned.

disable

: The number limit on the port is not effective, and the switch follows the original

forwarding rules. It is the default setting.

Step 4

show mac address-table max-mac-count interface { fastEthernet

port

| gigabitEthernet

port

| ten-gigabitEthernet

port

}

Verify the Port Security configuration and the current learned MAC addresses of the port.

Step 5

end

Return to privileged EXEC mode.

Step 6

copy running-config startup-config

Save the settings in the configuration file.

Note:

•

Port Security cannot be enabled on the member port of a LAG, and the port with Port Security

enabled cannot be added to a LAG.

•

On one port, Port Security and 802.1x cannot be enabled at the same time.

The following example shows how to set the maximum number of MAC addresses that can

be learned on port 1/0/1 as 30, enable exceed-max-leaned feature and configure the mode

as permanent and the status as drop: