switchport port-security maximum

Use this command to set the MAC address learning limit for an interface.

This command is supported for physical, LAG, and MLAG (active) interfaces only. When a newly configured maximum learn limit is less than the previous value, you must remove/flush-out the unwanted MACs to stop traffic forwarding from the unwanted source MAC addresses. MAC addresses can be removed using the clear mac address-table command.

Use no form cli to set the maximum limit back to default value 1.

Command Syntax

Copy

switchport port-security maximum <1-1000>
no switchport port-security maximum

Parameters

<1-1000>

Maximum MAC address learning limit

Default

The default MAC address learning limit is 1.

Command Mode

Interface mode

Applicability

This command was introduced in OcNOS Version SP 4.0.

Example

Copy

#configure terminal
(config)#interface ge1
(config-if)#switchport port-security maximum 3

#configure terminal
(config)#interface po1
(config-if)#switchport port-security maximum 3

#configure terminal
(config)#interface mlag1
(config-if)#switchport port-security maximum 3