Chapter 32
Configuring Port Security
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
Figure 32-1
Port Security Database Scenarios
Switch 1
config Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>
active Database
EMPTY
Configuring authorized ports
Switch 1
config Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>
<pwwn4, fwwn4>
<pwwn5, fwwn5>
active Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>s
Saving the configuration (copy running start)
Port Security Database Copy
Tip
We recommended that you issue port-security database copy vsan command after disabling
autolearning. This action will ensure that t the configuration database is in sync with the active database.
If distribution is enabled, this command results in acquire of temporary copy (and consequently a fabric
lock) of the configuration database. If you lock the fabric, you need to commit the changes to the
configuration database of all the switches.
OL-6973-03, Cisco MDS SAN-OS Release 2.x
Switch 1
Activating the
database
CLI
learned entires
Learning entries (pwwn4/5 already logged in)
Switch 1
learned entires
Note:
Learned entries
are not saved
in the startup
configuration.
Copying active database to config database
config Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>
active Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>
<pwwn4, fwwn4>
<pwwn5, fwwn5>
config Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>
<pwwn4, fwwn4>
<pwwn5, fwwn5>
active Database
<pwwn1, fwwn1>
<pwwn2, fwwn2>
<pwwn3, fwwn3>
<pwwn4, fwwn4>
<pwwn5, fwwn5>
Cisco MDS 9000 Family Configuration Guide
Port Security Database Copy
Note:
Learned entries
are saved in
the active
database.
32-13