Forwarding A Mac Address Table-Based Frame; Configuring The Mac Address Table; Configuring Static, Dynamic, And Blackhole Mac Address Table Entries - HP A5830 Configuration Manual
Layer 2 lan switching
Hide thumbs
Also See for A5830:
- Configuration manual (280 pages) ,
- Command reference manual (249 pages) ,
- Configuration manual (152 pages)
Table of Contents
Advertisement
to block all packets destined for a specific user for security concerns, configure the MAC address of
this user as a blackhole MAC address entry.
To adapt to network changes and prevent inactive entries from occupying table space, an aging
mechanism is adopted for dynamic MAC address entries. Each time a dynamic MAC address entry is
obtained or created, an aging time starts. If the entry has not updated when the aging timer expires, the
device deletes the entry. If the entry has updated before the aging timer expires, the aging timer restarts.
A static or blackhole MAC address entry can overwrite a dynamic MAC address entry, but not vice versa.
Forwarding a MAC address table-based frame
When forwarding a frame, the device adopts the following forwarding modes based on the MAC
address table:
Unicast mode: If an entry is available for the destination MAC address, the device forwards the
frame out of the outgoing interface indicated by the MAC address table entry.
Broadcast mode: If the device receives a frame with the destination address as all-ones, or no entry
is available for the destination MAC address, the device broadcasts the frame to all interfaces
except the receiving interface.
Configuring the MAC address table
The configuration tasks discussed in the following sections are all optional and can be performed in any
order.
The MAC address table can only contain Layer 2 Ethernet ports and Layer 2 aggregate interfaces.
This document covers the configuration of unicast MAC address table entries, including static, dynamic,
and blackhole MAC address table entries.
Configuring static, dynamic, and blackhole MAC address table
entries
To help prevent MAC address spoofing attacks and improve port security, manually add MAC address
table entries to bind ports with MAC addresses. also configure blackhole MAC address entries to filter
out packets with certain source or destination MAC addresses.
Adding or modifying a static, dynamic, or blackhole MAC address table entry globally
To add or modify a static, dynamic, or blackhole MAC address table entry in system view:
Step...
1.
Enter system view
2.
Add or modify a
dynamic or static MAC
address entry
3.
Add or modify a
blackhole MAC address
entry
Command...
system-view
mac-address { dynamic | static } mac-
address interface interface-type interface-
number vlan vlan-id
mac-address blackhole mac-address vlan
vlan-id
18
Remarks
—
Required
Use either command
Make sure that you have
created the VLAN and assign
the interface to the VLAN
Hide quick links:
Advertisement
Table of Contents
