edge2#sh port-security interface fastEthernet 1/0/10
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Restrict
Aging Time : 5 mins
Aging Type : Inactivity
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 2
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 2
Last Source Address:Vlan : 0001.2222.3333:44
Security Violation Count : 1
What actions will the switch take when a frame with an unknown source MAC address arrives at the interface fa1/0/10?
Send an SNMP trap
Send a message to syslog server
Increment the Security Violation counter
Forward the traffic
Write the MAC address to the config
Shutdown the port
The action that the device takes when one of these violations occurs can be configured:
Protect - This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped.
Restrict - This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is dropped.
Shutdown - This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error-disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error-disabled state by issuing the errdisable recovery cause CLI command or by disabling and re-enabling the switchport.
Shutdown VLAN - This mode mimics the behavior of the shutdown mode but limits the err-disabled state to the specific violating VLAN.
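
An added example, not part of the original page: a small Python parser for the show port-security interface output above that reports what the configured violation mode does, using only the mode descriptions given here. The field names come from the output; the MODES table, the findings strings and the lowercase "shutdown vlan" key are assumptions of this example.

```python
import re
# Constructed sample: the fa1/0/10 output from this page, prompt line removed.
SAMPLE = """\
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Restrict
Aging Time : 5 mins
Aging Type : Inactivity
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 2
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 2
Last Source Address:Vlan : 0001.2222.3333:44
Security Violation Count : 1
"""

# Per-mode effects, limited to what the descriptions above state.
# notify=None means the text names no notification behaviour for that mode.
MODES = {
    "protect": {"notify": [], "port": "up, unknown MACs dropped"},
    "restrict": {"notify": ["syslog", "snmp-trap", "violation-counter"],
                 "port": "up, unknown MACs dropped"},
    "shutdown": {"notify": None, "port": "err-disabled, forwards nothing"},
    "shutdown vlan": {"notify": None, "port": "violating VLAN err-disabled"},
}

def parse_port_security(text):
    """Return {field: value}; lines without ' : ' (e.g. the prompt) are skipped."""
    fields = {}
    for line in text.splitlines():
        # Split on the first whitespace-delimited colon; "Address:Vlan" stays whole.
        m = re.match(r"\s*(.+?)\s+:\s+(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def assess(text):
    """Summarise the mode's effects and flag conditions worth a look."""
    f = parse_port_security(text)
    mode = f["Violation Mode"].lower()
    findings = []
    if int(f["Total MAC Addresses"]) >= int(f["Maximum MAC Addresses"]):
        findings.append("table full: next unknown source MAC is a violation")
    if MODES[mode]["notify"] == []:
        findings.append("violations are dropped with no notification")
    if int(f["Security Violation Count"]) > 0:
        findings.append("violations recorded: check syslog and traps")
    return {"mode": mode, **MODES[mode], "findings": findings}
```

Calling assess(SAMPLE) returns the mode, its notifications and port behaviour, and the findings for this interface.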