port-security max-mac-count

Syntax

port-security max-mac-count count-value

undo port-security max-mac-count

View

Ethernet interface view

Default level

2: System level

Parameters

count-value: Specifies the maximum number of MAC addresses that port security allows on the port. The value is in the range of 1 to 1024.

Description

Use port-security max-mac-count to set the maximum number of MAC addresses that port security allows on a port.

Use undo port-security max-mac-count to restore the default setting.

By default, port security has no limit on the number of MAC addresses on a port.

In autoLearn mode, this command sets the maximum number of secure MAC addresses (both configured and automatically learned) on the port.

In any other mode that enables 802.1X, MAC authentication, or both, this command sets the maximum number of authenticated MAC addresses on the port. The actual maximum number of concurrent users that the port accepts equals this limit or the authentication method's limit on the number of concurrent users, whichever is smaller. For example, in userLoginSecureExt mode, if 802.1X allows less concurrent users than port security's limit on the number of MAC addresses, port security's limit takes effect.

You cannot change port security's limit on the number of MAC addresses when the port is operating in autoLearn mode.

Related commands: display port-security.

Examples

# Set port security's limit on the number of MAC addresses to 100 on port Ethernet 1/0/1.

<Sysname> system-view
[Sysname] interface ethernet 1/0/1
[Sysname-Ethernet1/0/1] port-security max-mac-count 100