access: disable port-security on trunk ports
Because it messes up AP roaming: client MAC will not be learned on the switch port for the new AP until the old one times out in five minutes.
This commit is contained in:
parent
cf0fb98e4d
commit
a1147a3283
1 changed files with 8 additions and 0 deletions
|
|
@ -24,11 +24,19 @@ interface {{ iface.name }}
|
||||||
interface {{ iface.name }}
|
interface {{ iface.name }}
|
||||||
{# common setup for user-facing interfaces #}
|
{# common setup for user-facing interfaces #}
|
||||||
{% if iface.type.value != 'lag' and not iface.mgmt_only %}
|
{% if iface.type.value != 'lag' and not iface.mgmt_only %}
|
||||||
|
{% if iface.mode and iface.mode.value == 'access' %}
|
||||||
switchport port-security
|
switchport port-security
|
||||||
switchport port-security maximum 64
|
switchport port-security maximum 64
|
||||||
switchport port-security violation shutdown
|
switchport port-security violation shutdown
|
||||||
switchport port-security aging time 5
|
switchport port-security aging time 5
|
||||||
switchport port-security aging type inactivity
|
switchport port-security aging type inactivity
|
||||||
|
{% else %}
|
||||||
|
no switchport port-security
|
||||||
|
no switchport port-security maximum
|
||||||
|
no switchport port-security violation
|
||||||
|
no switchport port-security aging time
|
||||||
|
no switchport port-security aging type
|
||||||
|
{% endif %}
|
||||||
{% if iface.enabled %} no shutdown{% else %} shutdown{% endif %}
|
{% if iface.enabled %} no shutdown{% else %} shutdown{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue