Cisco CCNA Basics XI: Port Security Aging
Today I am going to talk about another article on the port security in the switched network and the article is all about the port security ageing. When we are talking about the port security ageing, there are two kinds of port security ageing and these are as defined below:
Absolute: The secure addresses on that port are deleted after the specified aging time.
Inactivity: The secure addresses on this port are deleted only if the secure addresses are inactive for the specified aging time.
We have "inactivity" configured, which means that after 2 min (the time you have specified) the secure mac addresses are deleted. This feature is useful if you want to grant access only for a certain time.
Aging is relevant in situations where the port remains connected. If a port gets disconnected and goes down, dynamic secure MAC addresses are flushed immediately (static and sticky secure MAC addresses will be retained).
 |
| Fig 1.1- Port Security Aging |
Configure the secure MAC address aging type on a port
RouteXP_Sw # configure terminal
RouteXP_Sw (config)# interface ethernet 1/1
RouteXP_Sw (config-if) # switchport port-security aging type absolute
RouteXP_Sw (config-if) #
Set the secure MAC address aging time to 2 minutes
RouteXP_Sw # configure terminal
RouteXP_Sw (config)# interface ethernet 1/1
RouteXP_Sw (config-if) # switchport port-security aging time 2
RouteXP_Sw (config-if) #
