From: Wang, Ting \(Taylor\) (wangting@avaya.com)
Date: Tue May 09 2006 - 08:09:11 ART
Hi Group,
The task 1.9 requires the max. number of 5 host can be connect to the
port at the same time. Traffic from excess hosts should be dropped. The
solution use restrict, but I think "protect" should be used. Any one
can explan it?
interface FastEthernet0/22
switchport mode access
switchport port-security
switchport port-security maximum 5
t-security aging time 5
switchport port-security violation restrict
Below is the different for the two options:
- Protect: Set the security violation protect mode. When the number of
secure MAC addresses reach the maximum limit
allowed on the port, packets with unknown source addresses are dropped
until you remove a sufficient number of
secure MAC addresses to drop below the maximum value.
- Restrict: Set the security violation restrict mode. In this mode, a
port security violation restricts data and
causes the SecurityViolation counter to increment.
Thanks,
Taylor
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:21 ART