Port Security Rule

The port security rule is divided to four kinds:

MAC rule: Control whether the host can communicate according to the MAC address of the host. The binding mode of the MAC rule contains MAC binding, MAC+VLAN binding, MAC+IP binding, and MAC+IPv6 binding.

IP rule: Control whether the host can communicate according to the IP address of the host. The IP rule can be for the binding of a single IP address and also can be for the binding of the IP address segment.

IPv6 rules: Control whether the host can communicate according to the IPv6 address of the host. IPv6 rules can be bound for a single IPv6 address or for IPv6 address segments;

MAX rule: Limit the number of the MAC addresses that can be learned by the port freely to control the host communication. The number of the MAC address entries does not contain the valid MAC address entries generated by the MAC rule, IP rule, and IPv6 binding

STICKY rule: Control whether the host can communicate according to the MAC address of the host. The binding mode of the STICKY rule contains the MAC binding, MAC+VLAN binding, MAC+IP binding, and MAC + IPv6 binding. The STICKY rule can automatically learn and also can configure manually, and is saved in the running configuration. If saving the running configuration before the device restarts, do not need to configure again after the device restarts and the STICKY rule automatically takes effect. When enabling the STICKY function in the port and the STICKY learn mode is MAC mode, convert the dynamic MAC entry learned by the MAX rule to the STICKY rule and save in the running configuration.