switchport port-security
Use this command to enable port security on an interface.
Use the no form of this command to disable port security on an interface. This command removes configured secured MAC, if any, on this interface.
Note: This command is supported for physical, LAG, and MLAG (active) interfaces only. Enabling port security on an interface removes learned MAC addresses of interfaces (whether learned by static or dynamic means), and then relearns the secure MAC addresses. Multicast MAC addresses are not considered as part of the MAC learning limit.
Note: This command is ignored when port security is already enabled on an interface.
Command Syntax
switchport port-security (static |)
no switchport port-security
Parameters
static
Static mode
Default
By default this feature is disabled; the default mode of port security is to dynamically learn. In dynamic mode, devices learn MAC addresses dynamically. You can program static MACs, however, dynamic MAC learning will not be allowed in static mode for port security.
Command Mode
Interface mode
Applicability
This command was introduced in OcNOS version 4.0.
Examples
#configure terminal
(config)#interface ge1
(config-if)#switchport
(config-if)#bridge-group 1
(config-if)#switchport mode hybrid
(config-if)#switchport hybrid allowed vlan all
(config-if)#switchport port-security
Last modified date: 07/06/2023