Basic Concepts; Mff Operation Modes - HP 10500 Series Configuration Manual

Security configuration guide

Basic concepts

An MFF-enabled device provides two types of ports: user ports and network ports.

User port

An MFF user port is directly connected to a host and processes packets as follows:
- Allows DHCP packets and multicast packets to pass.
- Delivers ARP packets to the CPU.
- After learning the gateways' MAC addresses, a user port allows only the unicast packets with the gateways' MAC addresses as the destination MAC addresses to pass. If no gateways' MAC addresses are learned, a user port discards all received unicast packets.

Network port

An MFF network port is connected to a networking device, such as an access switch, a distribution switch, or a gateway. A network port processes the following packets differently:
- Allows multicast packets and DHCP packets to pass.
- Delivers ARP packets to the CPU.
- Denies broadcast packets.

Configure the following ports as network ports: upstream ports connected to a gateway, ports connected to the downstream MFF devices in a cascaded network (a network with multiple MFF devices connected to one another), and ports between devices in a ring network.
A network port is not always an upstream port.
If you enable MFF for a VLAN, each port in the VLAN must be an MFF network or user port.
Link aggregation is supported by network ports in an MFF-enabled VLAN, but is not supported by user
ports in the VLAN. You can add network ports to link aggregation groups but cannot add user ports to
link aggregation groups. For more information about link aggregation, see Layer 2—LAN Switching
Configuration Guide.
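
The user-port and network-port rules above can be read as a per-frame decision. The following Python model is an added example, not code from the manual or the device. The names Frame and MffVlan, the order of the checks, and the treatment of unicast on network ports are assumptions, and DHCP classification is assumed to be done before the frame reaches the model.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
ETHERTYPE_IPV4 = 0x0800

@dataclass
class Frame:                      # constructed, simplified view of an Ethernet frame
    dst_mac: str
    ethertype: int = ETHERTYPE_IPV4
    is_dhcp: bool = False         # assumed pre-classified (UDP ports 67/68)

def is_multicast(mac: str) -> bool:
    # Group bit is the low bit of the first octet; broadcast is handled separately.
    mac = mac.lower()
    return mac != BROADCAST and bool(int(mac.split(":")[0], 16) & 1)

@dataclass
class MffVlan:                    # hypothetical model, not a device API
    gateway_macs: set = field(default_factory=set)

    def learn_gateway(self, mac: str) -> None:
        self.gateway_macs.add(mac.lower())

    def user_port(self, f: Frame) -> str:
        if f.ethertype == ETHERTYPE_ARP:
            return "to-cpu"
        if f.is_dhcp or is_multicast(f.dst_mac):
            return "forward"
        if f.dst_mac.lower() == BROADCAST:
            return "unspecified"  # the page states no user-port rule for other broadcasts
        # Unicast: only frames addressed to a learned gateway MAC pass.
        return "forward" if f.dst_mac.lower() in self.gateway_macs else "drop"

    def network_port(self, f: Frame) -> str:
        if f.ethertype == ETHERTYPE_ARP:
            return "to-cpu"
        if f.is_dhcp or is_multicast(f.dst_mac):
            return "forward"
        if f.dst_mac.lower() == BROADCAST:
            return "drop"
        return "forward"          # assumption: unicast is not restricted on network ports
```

In this model a unicast frame from one host to another host's MAC address is dropped at the user port, which is the Layer 2 isolation that the gateway-only rule produces.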

MFF operation modes

Manual mode
The manual mode applies to a scenario where IP addresses are statically assigned to the hosts, and the
hosts cannot obtain the gateway information through DHCP. A VLAN maintains only the MAC address
of the default gateway.
In manual mode, after receiving an ARP request for a host's MAC address from the gateway, the MFF
device directly replies with the host's MAC address to the gateway according to the ARP snooping entries.
The MFF device also forges ARP requests to get the gateway's MAC address based on ARP snooping
entries.
After learning the gateway's MAC address and then receiving an ARP packet with a different source
MAC address from the default gateway, the MFF device replaces the old MAC address with the new one.

Automatic mode
The automatic mode applies to a scenario where hosts use DHCP to obtain IP addresses.
With MFF automatic mode enabled, a DHCP snooping device, upon receiving a DHCP ACK message,
resolves Option 3 in the message (Router IP option) to obtain a gateway for the client's IP-MAC snooping