Viewing
Displaying port security settings
Syntax
show port-security
show port-security
port number
The CLI uses the same command to provide two types of port security listings:
All ports on the switch with their Learn Mode and (alarm) Action
Only the specified ports with their Learn Mode, Address Limit, (alarm) Action, and Authorized Addresses
Without port parameters,
show port-security
displays Operating Control settings for all ports on a switch.
With port numbers included in the command, show
port-security
displays Learn Mode, Address Limit, (alarm)
Action, and Authorized Addresses for the specified ports on a switch.
The following example lists the full port security configuration for
a single port:
The next example shows the option for entering a range of ports, including a series of non-contiguous ports. Note that no spaces are allowed in the port number portion of the command string:
switch(config)# show port-security A1-A3,A6,A8
Displaying ARP Packet Statistics
To display statistics about forwarded ARP packets,
dropped ARP packets, MAC validation failure, and IP validation failures,
enter the show arp-protect statistics <vid-range>
command:
Monitoring Dynamic ARP Protection
When dynamic ARP protection is enabled, you can monitor and troubleshoot the validation of ARP packets with the debug arp-protect command. Use this command when you want to debug the following conditions:
The switch is dropping valid ARP packets that should be allowed.
The switch is allowing invalid ARP packets that should be dropped.
Debug arp-protect command
Listing authorized and detected MAC addresses
Syntax
Without an optional parameter, show mac-address lists the authorized MAC addresses that the switch detects on all ports.
mac-address
Lists the specified MAC address with the port on which it is detected as an authorized address.
port list
Lists the authorized MAC addresses detected on the specified ports.
vlan
<vid>
Lists the authorized MAC addresses detected on ports belonging to the specified VLAN.
Viewing the current instrumentation monitor configuration
The show instrumentation monitor configuration
command
displays the configured thresholds for monitored parameters.
An alternate method of determining the current Instrumentation Monitor configuration is to use the show run command. However, the show run command output does not display the threshold values for each limit set.