port-security mac-address aging-type inactivity

Syntax

port-security mac-address aging-type inactivity

undo port-security mac-address aging-type inactivity

View

Layer 2 Ethernet interface view

Default level

2: System level

Parameters

None

Description

Use port-security mac-address aging-type inactivity to enable inactivity aging for secure MAC addresses (sticky or dynamic).

Use undo port-security mac-address aging-type inactivity to restore the default.

By default, the inactivity aging function is disabled.

If only an aging timer is configured, the aging timer counts up regardless of whether traffic data has been sent from the sticky MAC address. When you use an aging timer together with the inactivity aging function, the aging timer restarts once traffic data is detected from the sticky MAC address. The inactivity aging function prevents the unauthorized use of a secure MAC address when the authorized user is offline, and removes outdated secure MAC addresses so new secure MAC addresses can be learned.

Related commands: port-security timer autolearn aging, and port-security mac-address dynamic.

Examples

# Enable inactivity aging for secure MAC addresses on interface Ethernet 1/0/1.

<Sysname> system-view
[Sysname] interface ethernet 1/0/1
[Sysname-Ethernet1/0/1] port-security mac-address aging-type inactivity