Configuring NTK

The NTK feature checks the destination MAC addresses in outbound frames to make sure that frames are forwarded only to authenticated devices. Any unicast frame with an unknown destination MAC address is discarded. Not all port security modes support triggering the NTK feature. For more information, see Table 13

The NTK feature supports the following modes:

To configure the NTK feature:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

N/A

3. Configure the NTK feature.

port-security ntk-mode { ntk-withbroadcasts | ntk-withmulticasts | ntkonly }

By default, NTK is disabled on a port and all frames are allowed to be sent.