No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Security

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of Security, including ACL, local attack defense, MFF, attack defense, traffic suppression and storm control, ARP security, Port security, DHCP snooping, ND snooping, PPPoE+, IPSG, SAVI, separating the management plane from the service plane, security risks.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Licensing Requirements and Limitations for Port Security

Licensing Requirements and Limitations for Port Security

Involved Network Element

Other network elements are not required.

Licensing Requirements

Port security is a basic feature of a switch and is not under license control.

Version Requirements

Table 11-3 Products and minimum version supporting port security

Product Model

Minimum Version Required

CE8860EI

V100R006C00

CE8861EI

V200R005C10

CE8868EI

V200R005C10

CE8850-32CQ-EI

V200R002C50

CE8850-64CQ-EI

V200R005C00

CE7850EI

V100R003C00

CE7855EI

V200R001C00

CE6810EI

V100R003C00

CE6810-48S4Q-LI/CE6810-48S-LI

V100R003C10

CE6810-32T16S4Q-LI/CE6810-24S2Q-LI

V100R005C10

CE6850EI

V100R001C00

CE6850-48S6Q-HI

V100R005C00

CE6850-48T6Q-HI/CE6850U-HI/CE6851HI

V100R005C10

CE6855HI

V200R001C00

CE6856HI

V200R002C50

CE6857EI

V200R005C10

CE6860EI

V200R002C50

CE6865EI

V200R005C00

CE6870-24S6CQ-EI/CE6870-48S6CQ-EI

V200R001C00

CE6870-48T6CQ-EI

V200R002C50

CE6875EI

V200R003C00

CE6880EI

V200R002C50

CE5810EI

V100R002C00

CE5850EI

V100R001C00

CE5850HI

V100R003C00

CE5855EI

V100R005C10

CE5880EI

V200R005C10

Feature Dependencies and Limitations

  • Port security and MUX VLAN cannot be configured together.
  • Port security and MAC address limiting cannot be configured on an interface.
  • For the CE6870EI and CE6875EI, port security cannot take effect on the interface that is connected to the VPLS or VXLAN network.
  • For the CE6870EI and CE6875EI, port security and MAC address limiting cannot take effect when Layer 3 forwarding is performed.
  • Valid users need to go online first when port security is performed.
  • For the CE6870EI and CE6875EI that have a secure MAC address configured on port A, in normal cases, if the MAC address of a packet received by port A is not in the MAC address table and is not a secure MAC address, port A discards the packet. If port B learns the MAC address and records it in the MAC address table, port A does not discard the packet with this MAC address.
  • When a packet with the destination MAC address as the system MAC address is received on a port, the port does not check whether port security is enabled and whether the number of secure MAC addresses learned by the port reaches the upper limit.
Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100074765

Views: 18458

Downloads: 61

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next