set interface gigabit-ethernet port-security violation

gigabit-ethernet <interface-name>

Specifies the physical interface name. For example, te-1/1/49, ge-1/1/1.

violation <protect | restrict | shutdown | shutdown-temp>

Specifies the protective action. The value could be protect, restrict, shutdown or shutdown-temp.

• protect: Discards packets with new source MAC addresses when the number of learned MAC addresses exceeds the limit.
• restrict: Discards packets with new source MAC addresses and generates a warning syslog message when the number of learned MAC addresses exceeds the limit.
• shutdown: Shuts the interface down, sets the interface status to error-disabled and generates a warning syslog message when the number of learned MAC addresses exceeds the limit. User can recover the port with the run clear port-security port-error command.
• shutdown-temp: Shuts the interface down temporarily, sets the interface status to error-discard and generates a warning syslog message when the number of learned MAC addresses exceeds the limit. After 20 seconds (default), the interface comes up. The set interface ethernet-switching-options port-error-discard timeout command configures the port recovery interval when the port security violation mode is configured to shutdown-temp.

The default value is protect.