DGS-3710 Series Layer 2 Managed Gigabit Switch CLI Reference Guide
518
VLAN of the entry is removed or the port are removed from the VLAN, or port security is
disabled on the port where the address resides.
deleteontimeout
- The locked addresses can be aged out after aging timer expires.
deleteonreset
- This address will be removed if the switch is reset or reboots. The cases
under which the permanent entries are deleted also apply to the deleteonreset entries
vlan
- (Optional) Specifies the VLAN to limit the address learning.
<vlan_name 32>
- Specifies the name of the VLAN. The maximum length is 32 characters.
vlanid
- Specifies a list of VLANs by VLAN ID to limit the address learning.
<vidlist>
- Specifies a list of VLAN ID.
max_learning_addr
- (Optional) Specifies the maximum MAC address entries that can be
learned on this port of the specified VLAN. If the value is set to 0, it means that no user can
get authorized by the port security function on this port. If the setting is smaller than the
number of current learned entries on the port, the command will be rejected. The default value
is 32.
<max_lock_no 0-16384>
- Specifies the value between 0 and 16384.
no_limit
- Specifies no limitation on the number of entries.
Restrictions
Only Administrator and Operator-level users can issue this command.
Example
To configure port security:
DGS-3710-12C:admin#config port_security ports 6 admin_state enable
max_learning_addr 10 lock_address_mode permanent
Command: config port_security ports 6 admin_state enable max_learning_addr 10
lock_address_mode permanent
Success.
DGS-3710-12C:admin#
To configure a port security setting:
DGS-3710-12C:admin#config port_security ports 1 vlan vlanid 1 max_learning_addr
16
Command: config port_security ports 1 vlan vlanid 1 max_learning_addr 16
Success.
DGS-3710-12C:admin#
50-2
config port_security system max_learning_addr
Description
This command is used to set the maximum number of MAC address entries that can be authorized
system wide. There are four levels of limitations on the learned entry number, for the entire system,
for a port, for a VLAN, and for specific VLAN on a port. If any limitation is exceeded, the new entry
will be discarded.