Alcatel-Lucent 7750 SR OS Service Manual page 473

Description
This command indicates how the system will forward packets destined to an unprotected MAC
address. While enabled all packets entering the configured SAP will be verified to contain a protected
destination MAC address. If the packet is found to contain a non-protected destination MAC, it will
be discarded. Detecting a non-protected destination MAC on the SAP will not cause the SAP to be
placed in the operationally down state.
If a MAC is defined with a static address, after that MAC was already learned by the system on a
restricted SAP, the system will bring the SAP to an operationally down state, flush the MAC and
generate a trap.
If the destination MAC address of a packet entering a restricted SAP with restrict-unprotected-dst
enabled, and if it is not a protected MAC, the packet will be discarded.
If the destination MAC address is unknown, even if the packet is entering a restricted SAP, with
restrict-unprotected-dst enabled, it will be flooded.
You can specify a static MAC in the mac-protect list. This action fails if the static MAC is defined
under a restricted SAP. If the MAC is protected first, the system does not allow it to be added as static
under a restricted SAP.
Default
no restrict-unprotected-dst
tod-suite
Syntax tod-suite tod-suite-name
no tod-suite
Context config>service>vpls>sap
Description
This command applies a time-based policy (filter or QoS policy) to the service SAP. The suite name
must already exist in the config>cron context.
Default
no tod-suite
Parameters
tod-suite-name — Specifies collection of policies (ACLs, QoS) including time-ranges that define the
7750 SR OS Services Guide
full or partial behavior of a SAP. The suite can be applied to more than one SAP.
Virtual Private LAN Services
Page 473