交换机端口安全,
将交换机的端口配置成只允许一个主机即一个MAC地址,超过的shutdown
Switch#vlan database
% Warning: It is recommended to configure VLAN from config mode,
  as VLAN database mode is being deprecated. Please consult user
  documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#vlan 10     //新建VLAN
VLAN 10 modified:
Switch(vlan)#vlan 10 name jsj     // 将VLAN 改名为JSJ
VLAN 10 modified:
    Name: jsj
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#
Switch#config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#
Switch(config)#interface range fa0/1 - 4
Switch(config-if-range)#switchport mode access //将端口配置成接入模式
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#switchport port-security   //启动端口安全
Switch(config-if-range)#switchport port-security maximum 1   //最多允许一个MAC
Switch(config-if-range)#switchport port-security violation shutdown  //违规shutdown
Switch(config-if-range)#switchport port-security mac-address sticky //启动粘性学习
Switch(config-if-range)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console
Switch#show mac-address-table
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 
 
主机之间互相通信,以交换机建立MAC表
看到所有的MAC交换机都学习到了后,
保存配置  copy running-config startup-config
用reload重启交换机
用show mac-address-table将会看到以下信息
 
Switch#show mac-address-table
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports     //mac表为静态
----    -----------       --------    -----
  10    0002.4a56.d9d7    STATIC      Fa0/4
  10    0003.e4c6.84ee    STATIC      Fa0/3
  10    00e0.8f67.9787    STATIC      Fa0/2
  10    00e0.8fd3.b4a7    STATIC      Fa0/1
 
 
 
 
欢迎提出建议,本人初学!!