Cisco "show port-security" Command Explained
show port-security — reports port-security status — which ports enforce MAC limits, current counts, violation actions and any ports err-disabled by violations. Runs in privileged EXEC mode.
Syntax and common variants
| Variant | Purpose |
|---|---|
show port-security | Summary of all secured ports |
show port-security interface gi0/5 | Full detail for one port |
show port-security address | The secure MAC table |
show interfaces status err-disabled | Ports killed by violations |
Reading the output
| Output / element | Meaning |
|---|---|
Max Addrs / CurrentAddr | Allowed vs currently learned MACs |
SecurityViolation | Violation counter |
Security Action | protect / restrict / shutdown |
Port Status: Secure-shutdown | This port tripped and is err-disabled |
When to use it
When a user's port suddenly died, this shows whether port-security shot it: Secure-shutdown status plus a climbing violation counter. Recovery: fix the cause, then shutdown → no shutdown (or errdisable recovery). The address variant shows exactly which MACs are trusted. Browse more in the command reference or practise in the free labs.
Frequently asked questions
A port went err-disabled — how do I restore it?
Resolve the violating device, then bounce the port: shutdown followed by no shutdown (or configure errdisable recovery cause psecure-violation).
What triggers a violation?
An unauthorized MAC appearing — more MACs than the limit, or a MAC different from the sticky/static ones learned.
Where do sticky MACs appear?
In show port-security address and in the running-config as learned entries — save the config to keep them across reboots.
Related articles
Want hands-on training?
Learn this on real Cisco lab devices with placement support at Attila Technologies, Ahmedabad.