???Sticky learned??? addresses do not age out.
0010.f6b3.d000
Unauthorized MAC Address??”
Access Denied
Securing the Expanded Network 73
Scenario for Using Port Security
Imagine ?¬?ve individuals whose laptops are allowed to connect to a speci?¬?c switch port
when they visit an area of the building. You want to restrict switch port access to the MAC
addresses of those ?¬?ve laptops and allow no addresses to be learned dynamically on that
port.
Process for Configuring Port Security
Table 2-14 describes the process that can achieve the desired results for this scenario.
Table 2-14 Port Security
Step Action Notes
1. Port security is con?¬?gured to
allow only ?¬?ve connections
on that port, and one entry is
con?¬?gured for each of the
?¬?ve allowed MAC
addresses.
This step populates the MAC address table with
?¬?ve entries for that port and allows no additional
entries to be learned dynamically.
2. Allowed frames are
processed.
When frames arrive on the switch port, their source
MAC address is checked against the MAC address
table. If the source MAC address matches an entry
in the table for that port, the frames are forwarded
to the switch to be processed like any other frames
on the switch.
Pages:
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132