Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

switchport port-security aging static command

hi,

Can someone please explain we the above command with example.

many thanks

mahesh

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: switchport port-security aging static command

mahesh18 wrote:

Hi Reza,

thanks for reply i read from cisco website following note but i did not understand what this mean

You can use port security aging to set the aging time for all secure addresses on a port.

#

Use this feature to remove and add PCs on a secure port without manually deleting the existing secure MAC addresses while still limiting the number of secure addresses on a port.

#

if you can explain me this please

mahesh

Mahesh

If you have a port security setting of 5 secure addresses allowed then when the switch has learnt these 5 addresses no more addresses will be allowed. If there is no aging time for the entries then the entry simply remains there as long as the switch is up. If you now want to remove one of the PC's and replace it with another you have a problem because the pot has already learned 5 addresses so it will not allow another.

This is where you use the aging timer. If for example you set the port-security aging timer to 1 then you would only have to wait one minute before the mac-address for the PC you disconnected is removed and now the switch only has 4 addresses learnt on that port. So you can now add your new PC and it will be allowed on that port and becomes the 5th address learned.

Jon

4 REPLIES
VIP Super Bronze

Re: switchport port-security aging static command

New Member

Re: switchport port-security aging static command

Hi Reza,

thanks for reply i read from cisco website following note but i did not understand what this mean

You can use port security aging to set the aging time for all secure addresses on a port.

Use this feature to remove and add PCs on a secure port without manually deleting the existing secure MAC addresses while still limiting the number of secure addresses on a port.

if you can explain me this please

mahesh

Hall of Fame Super Blue

Re: switchport port-security aging static command

mahesh18 wrote:

Hi Reza,

thanks for reply i read from cisco website following note but i did not understand what this mean

You can use port security aging to set the aging time for all secure addresses on a port.

#

Use this feature to remove and add PCs on a secure port without manually deleting the existing secure MAC addresses while still limiting the number of secure addresses on a port.

#

if you can explain me this please

mahesh

Mahesh

If you have a port security setting of 5 secure addresses allowed then when the switch has learnt these 5 addresses no more addresses will be allowed. If there is no aging time for the entries then the entry simply remains there as long as the switch is up. If you now want to remove one of the PC's and replace it with another you have a problem because the pot has already learned 5 addresses so it will not allow another.

This is where you use the aging timer. If for example you set the port-security aging timer to 1 then you would only have to wait one minute before the mac-address for the PC you disconnected is removed and now the switch only has 4 addresses learnt on that port. So you can now add your new PC and it will be allowed on that port and becomes the 5th address learned.

Jon

New Member

Re: switchport port-security aging static command

Hi Jon,

Many thanks for wonderful explanation.

best regards

mahesh

5049
Views
0
Helpful
4
Replies