[x]

Port security configuration commands > port-security ntk-mode

 

 Next

port-security ntk-mode

Syntax

port-security ntk-mode { ntk-withbroadcasts | ntk-withmulticasts | ntkonly }

undo port-security ntk-mode

View

Ethernet interface view

Default level

2: System level

Parameters

ntk-withbroadcasts: Forwards only broadcast frames and unicast frames with authenticated destination MAC addresses.

ntk-withmulticasts: Forwards only broadcast frames, multicast frames, and unicast frames with authenticated destination MAC addresses.

ntkonly: Forwards only unicast frames with authenticated destination MAC addresses.

Description

Use port-security ntk-mode to configure the NTK feature.

Use undo port-security ntk-mode to restore the default.

By default, NTK is disabled on a port and all frames are allowed to be sent.

The need to know (NTK) feature checks the destination MAC addresses in outbound frames to allow frames to be sent to only devices passing authentication, preventing illegal devices from intercepting network traffic.

Related commands: display port-security.

Examples

# Set the NTK mode of port Ethernet 1/0/1 to ntkonly, allowing the port to forward received packets to only devices passing authentication.

<Sysname> system-view
[Sysname] interface ethernet 1/0/1
[Sysname-Ethernet1/0/1] port-security ntk-mode ntkonly

prev

 

up

 next

port-security max-mac-count 

home

 port-security oui

© Copyright 2016 Hewlett Packard Enterprise Development LP