Setting port security's limit on the number of secure MAC addresses on a port

You can set the maximum number of secure MAC addresses that port security allows on a port for the following purposes:

For a port operating in autoLearn mode, you can set the maximum number of secure MAC addresses for all or specific VLANs. When the number of MAC addresses in a VLAN reaches the upper limit, intrusion detection is triggered.

The port security's limit on the number of secure MAC addresses on a port is independent of the MAC learning limit described in MAC address table configuration. For more information about MAC address table configuration, see Layer 2—LAN Switching Configuration Guide.

To set the maximum number of secure MAC addresses allowed on a port:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter interface view.

interface interface-type interface-number

N/A

3. Set the maximum number of secure MAC addresses allowed on a port.

port-security max-mac-count max-count [ vlan [ vlan-id-list ] ]

By default, port security does not limit the number of secure MAC addresses on a port.