switchport port-security maximum
This command does not require a license.
Maximums for Access Ports and Trunk Ports
For an interface used as an access port, we recommend that you use the default interface maximum of one
secure MAC address.
For an interface used as a trunk port, set the interface maximum to a number that reflects the actual number
of hosts that could use the interface.
Interface Maximums, VLAN Maximums, and the Device Maximum
The sum of all VLAN maximums that you configure on an interface cannot exceed the interface maximum.
For example, if you configure a trunk-port interface with an interface maximum of 10 secure MAC addresses
and a VLAN maximum of 5 secure MAC addresses for VLAN 1, the largest maximum number of secure
MAC addresses that you can configure for VLAN 2 is also 5. If you tried to configure a maximum of 6 secure
MAC addresses for VLAN 2, the device would not accept the command.
Examples
This example shows how to configure an interface maximum of 10 secure MAC addresses on the Ethernet
2/1 interface:
switch# configure terminal
switch(config)# interface ethernet 2/1
switch(config-if)# switchport port-security maximum 10
switch(config-if)#
Related Commands
Command
feature port-security
show port-security
switchport port-security
switchport port-security aging time
switchport port-security aging type
switchport port-security mac-address
switchport port-security mac-address sticky
switchport port-security violation
Cisco Nexus 7000 Series Security Command Reference
684
Description
Enables port security globally.
Shows information about port security.
Enables port security on a Layer 2 interface.
Configures the aging time for dynamically learned,
secure MAC addresses.
Configures the aging type for dynamically learned,
secure MAC addresses.
Configures a static MAC address.
Enables the sticky method for learning secure MAC
addresses.
Configures the security violation action for an
interface.
S Commands