MAC Locking Configuration Example

The following command enables MAC locking both globally for the device (stack) and at the port level for ports 2:1 through 2: 5:

Slot-1 Stack.1 # enable mac-locking

Slot-1 Stack.2 # enable mac-locking ports 2:1-2:5

The following command lines enable port 2:1 for a maximum of 3 static MAC address entries. This is followed by four static MAC address creation entries. The fourth entry fails because the maximum allowed has been set to 3.

* Slot-1 Stack.3 # configure mac-locking ports 2:1 static limit-learning 3
* Slot-1 Stack.4 # configure mac-locking ports 2:1 static add station 00:22:33:44:55:66
* Slot-1 Stack.5 # configure mac-locking ports 2:1 static add station 00:22:33:44:55:77
* Slot-1 Stack.6 # configure mac-locking ports 2:1 static add station 00:22:33:44:55:88
* Slot-1 Stack.7 # configure mac-locking ports 2:1 static add station 00:22:33:44:55:99
Error: Station 00:22:33:44:55:99 cannot be added as maximum static limit of 3 is already reached on port 2:1.


* Slot-1 Stack.10 # show mac-locking stations static ports 2:1
Port   MAC Address         Status     State           Aging
-----  -----------------   --------   -------------   -----
2:1    00:22:33:44:55:66   active     static          false
2:1    00:22:33:44:55:77   active     static          false
2:1    00:22:33:44:55:88   active     static          false

Total for specified ports: 3 Static: 3 First-Arrival: 0
* Slot-1 Stack.11 #
The following commands configure ports 2:2 through 2:5 for dynamic MAC locking with a maximum of 15 users on each port. This is followed by a line enabling MAC locking trap messaging on ports 2:1 through 5:
* Slot-1 Stack.12 # configure mac-locking ports 2:2-2:5 first-arrival limit-learning 15
* Slot-1 Stack.13 # configure mac-locking ports 2:2-2:5 trap on
* Slot-1 Stack.14 # show mac-locking ports 2:1-2:5

MAC locking is globally enabled.

Port   MAC  Trap      Log       FA    Limit     Link    Max Max   Last Violating
       Lock Thr|Viol Thr|Viol Aging   Action    Down    Stc FA    MAC Address
       Stat                          Cfg|Stat   Action
-----  ---- -------- -------- ----- --------    ------ --- ---    -----------------
2:1    ena  off|off   off|off   dis  ena|ena   clear     3 600    00:00:00:00:00:00
2:2    ena  off|on    off|off   dis  ena|ena   clear    64   15   00:00:00:00:00:00
2:3    ena  off|on    off|off   dis  ena|ena   clear    64   15   00:00:00:00:00:00
2:4    ena  off|on    off|off   dis  ena|ena   clear    64   15   00:00:00:00:00:00
2:5    ena  off|on    off|off   dis  ena|ena   clear    64   15   00:00:00:00:00:00

Legend:
Stat              - Status                    Thr|Viol - Threshold | Violation
Max Stc           - Max Static Count          Max FA   - Max First-Arrival Count
dis               - Disabled                  ena      - Enabled
retain            - Retain MACs               clear     - Clear MACs
Limit Action Cfg  - If port should be disabled when learnt limit is exceeded
             dis   - Port to be disabled when learn limit is exceeded
             ena   - Port to remain enabled when learn limit is exceeded
Limit Action Stat - Port status on exceeding learn limit
* Slot-1 Stack.15 #