To return an interface to its default con?¬?guration, use
the default interface interface-id global con?¬?guration command. This command returns
all interface con?¬?gurations to their defaults.
Describing Port Security
Port security is a feature supported on Cisco Catalyst switches that restricts a switch port
to a speci?¬?c set or number of MAC addresses. The switch can learn these addresses
dynamically, or you can con?¬?gure them statically. Figure 2-35 shows how the switch
interacts with port security.
NOTE The switchport host macro disables EtherChannel and trunking and enables
STP PortFast.
72 Chapter 2: Medium-Sized Switched Network Construction
Figure 2-35 Port Security
A port that is con?¬?gured with port security accepts frames only from those addresses that
it has learned or that you have con?¬?gured.
Port security has several implementations:
?– Dynamic:You specify how many different MAC addresses are permitted to use a port
at one time. You use the dynamic approach when you care only about how many rather
than which speci?¬?c MAC addresses are permitted. Depending on how you con?¬?gure
the switch, these dynamically learned addresses age out after a certain period, and new
addresses are learned, up to the maximum that you have de?¬?ned.
Pages:
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130