Configure Processing Mode when Receiving Invalid Packet
Configuration Condition
Before configuring the processing mode when receiving the invalid packet, first complete the following task:
- Enable the port security function
Configure Processing Mode when Receiving Invalid Packet
The port security provides three kinds of processing modes for the invalid packet, that is, protect, restrict and shutdown. The user can select according to the security requirement. The specific functions of the three processing modes are as follows:
- protect: After receiving the invalid packet, drop the packet.
- restrict: After receiving the invalid packet, drop the packet and trap the information to the NMS.
- shutdown: After receiving the invalid packet, drop the packet, disable the port receiving the packet and trap the information to the NMS.
Table 3-11 Configure the processing mode when receiving the invalid packet
|
Step
|
Command
|
Description
|
|
Enter global configuration mode
|
configure terminal
|
-
|
|
Enter the L2 Ethernet interface configuration mode
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration just takes effect on the current port. After entering the aggregation group configuration mode, the subsequent configuration just takes effect on the aggregation group.
|
|
Enter the aggregation group configuration mode
|
interface link-aggregation link-aggregation-id
|
|
Configure the processing mode of the invalid packet
|
port-security violation { protect | restrict | shutdown }
|
Mandatory
By default, the processing mode when the port security receives the invalid packet is protect.
|
Switch
.png){kind=icon}
.png){kind=logo}
