Configuring Port Security
Configuring Secure MAC Address Aging on a Port
When the aging type is configured with the absolute keyword, all the dynamically learned secure
addresses age out when the aging time expires. When the aging type is configured with the inactivity
keyword, the aging time defines the period of inactivity after which all the dynamically learned secure
addresses age out.
Static secure MAC addresses and sticky secure MAC addresses do not age out.
Note
These sections describe how to configure secure MAC address aging on a port:
•
•
Configuring the Secure MAC Address Aging Type on a Port
With a PFC3 and Release 12.2(18)SXE and later releases, you can configure the secure MAC address
aging type on a port. With a PFC2, you cannot configure the secure MAC address aging type. The PFC2
supports only absolute aging.
To configure the secure MAC address aging type on a port, perform this task:
Command
Step 1
Router(config)# interface type
Step 2
Router(config-if)# switchport port-security aging
type {absolute | inactivity}
Router(config-if)# no switchport port-security
aging type
Step 3
Router(config-if)# do show port-security
1
interface type
1.
type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet
This example shows how to set the aging type to inactivity on Fast Ethernet Port 5/12:
Router# configure terminal
Enter configuration commands, one per line.
Router(config)# interface fastethernet 5/12
Router(config-if)# switchport port-security aging type inactivity
Router(config-if)# do show port-security interface fastethernet 5/12 | include Type
Aging Type
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
47-12
Configuring the Secure MAC Address Aging Type on a Port, page 47-12
Configuring Secure MAC Address Aging Time on a Port, page 47-13
1
slot/port
slot/port | include Time
Purpose
Selects the LAN port to configure.
Configures the secure MAC address aging type on the
port (default is absolute).
Reverts to the default MAC address aging type.
Verifies the configuration.
End with CNTL/Z.
: Inactivity
Chapter 47
Configuring Port Security
OL-4266-08