|
MAC-manzillar jadvalini tozalash
|
bet | 3/3 | Sana | 25.01.2023 | Hajmi | 135.88 Kb. | | #39419 |
Bog'liq D6hhy7dxaLq03bespa9dGQRwz3Kr jiP
Boshqa qurilmalar ulanishi uchun MAC-manzillar jadvalini tozalash:
switch# clear port-security [all|configured|dynamic|sticky] [address
|interface ]
switch #clear port-security all
switch #clear port-security configured switch #clear port-security dynamic switch #clear port-security sticky
Port-security sozlanishlari haqidagi ma’lumotlarni ko`rish
switch# show port-security
switch# show port-security interface fa0/3
switch# show port-security address Topshiriq
7.4-rasmda keltirilgan tarmoq topologiyasini Cisco Packet Tracer dasturida tuzish talab qilinadi;
Har bir kompyuter uchun IP manzilni sozlang va MAC manzillarni 8.2- rasmda ko`rsatilgandek aniqlang;
Kommutatorning har bir portlariga xavfsizlik ko`rsatkichlarini sozlang;
8.1-jadvalga yuqorida keltirilgan topshiriqlarni kiriting.
8.1-jadval
Qurilma
|
IP-manzil
|
МАС-manzil
|
Interfeys
|
Port rejimlari
|
Laptop0
|
192.168.1.1
|
00E0.F902.D683
|
Fa0
|
n/a
|
Laptop1
|
192.168.1.2
|
000B.BE9B.EE4A
|
Fa0
|
n/a
|
Laptop2
|
192.168.1.3
|
00D0.5819.04E3
|
Fa0
|
n/a
|
Laptop3
|
192.168.1.4
|
0004.9AB9.DAC2
|
Fa0
|
n/a
|
Laptop4
|
192.168.1.5
|
00D0.BAC2.8C58
|
Fa0
|
n/a
|
Laptop5
|
192.168.1.6
|
0000.0C6E.01E0
|
Fa0
|
n/a
|
Laptop5
|
192.168.1.6
|
0000.0C6E.01E0
|
Fa0
|
n/a
|
SW1
|
N/A
|
N/A
|
Fa0/3
|
violation protect
|
SW1
|
N/A
|
N/A
|
Fa0/5-24
|
Shutdown
|
SW2
|
N/A
|
N/A
|
Fa0/1
|
restrict
|
SW2
|
N/A
|
N/A
|
Fa0/2
|
restrict
|
SW2
|
N/A
|
N/A
|
Fa0/3
|
Protect
|
SW2
|
N/A
|
N/A
|
Fa0/4
|
maximum 4
|
8.4-rasm. Tarmoq topologiyasi
Ishni bajarish tartibi
Portni access rejimiga o`zgartirish Switch>enable Switch#configure terminal Switch(config)#hostname Sw1 Sw1(config)#interface fa0/1
Sw1(config-if)#switchport mode access
Sw1 (config-if)#switchport port-security
Secure-MAC ni dinamik aniqlashni ko`rsatish
Sw1 (config-if)#switchport port-security mac-address sticky Sw1 (config-if)#exit
Secure-MAC ni statik aniqlashni ko`rsatish Sw1(config)#interface fastEthernet 0/2 Sw1(config-if)#switchport mode access Sw1(config-if)#switchport port-security
Sw1(config-if)#switchport port-security mac-address 000B.BE9B.EE4A
Sw1(config-if)#end
Xavfsizlik buzilishigi javob berish rejimini sozlash Sw1(config)#interface fastEthernet 0/3 Sw1(config-if)#switchport mode access Sw1(config-if)#switchport port-security
Sw1(config-if)#switchport port-security mac-address sticky Sw1(config-if)#switchport port-security violation protect Sw1(config-if)#end
Ishlatilmayotgan portlarni o`chirish Sw1(config)#interface range fastEthernet 0/5-24 Sw1(config-if-range)#shutdown
Portda secure-MAC maksimal soni N ni ko`rsatish (Bu buyruq Sw2 kommutatorga tavsiya etiladi)
Switch>enable Switch#configure terminal Switch(config)#hostname Sw2 Sw2(config)#interface fa0/4
Sw2(config-if)#switchport mode trunk
Sw2(config-if)#switchport port-security maximum 4 Sw1(config-if)#switchport port-security violation restrict
Natijani tekshirish
Switch#show port-security interface fa 0/1 Port Security : Enabled
Port Status : Secure-up Violation Mode : Shutdown Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1
Total MAC Addresses : 0 Configured MAC Addresses : 0 Sticky MAC Addresses : 0
Last Source Address:Vlan : 0001.63B4.E4A6:1 Security Violation Count : 0
Sozlamalarni saqlash
Switch#copy running-config startup-config
|
| |