Port security in Junos
Hello chaps,
I have looked everywhere for help on this but I just have not had any luck! Is there a way to do sticky mac address learning with port security in Junos? I'm hooking up a bunch of linux servers with bonded interfaces to an EX4200 and would prefer to use the sticky learning with a MAC address limit on each port set to 1 rather than typing in each one (if I was a contracter I might say different
). Anyone know if this is possible? The swithces are running release 10.4 if that helps.
Thanks
I have looked everywhere for help on this but I just have not had any luck! Is there a way to do sticky mac address learning with port security in Junos? I'm hooking up a bunch of linux servers with bonded interfaces to an EX4200 and would prefer to use the sticky learning with a MAC address limit on each port set to 1 rather than typing in each one (if I was a contracter I might say different
). Anyone know if this is possible? The swithces are running release 10.4 if that helps.Thanks
Comments
Before these switches arrived, I've only really touched SRX and J series devices... and boy do I love how Junos does security policies!
set ethernet-switching-options secure-access-port <interface> mac-limit <number> action <drop, log, none, shutdown>
Think that's what you're looking for at least..
Understanding Persistent MAC Learning (Sticky MAC) - Technical Documentation - Support - Juniper Networks
Configuring Persistent MAC Learning (CLI Procedure) - Technical Documentation - Support - Juniper Networks
Oh that is great news! Thanks so much mate
ethernet-switching-options {
secure-access-port {
interface ge-0/0/X.0 {
mac-limit 2 action shutdown;
persistent-learning;
}
Removal of Security:
login as root(or super user ?),
user@hostname> clear ethernet-switching port-error interface ge-0/0/x
x= portnumber.