Huawei AR530 series Configuration Manual page 42
Industrial switch routers ethernet switching
Hide thumbs
Also See for AR530 series:
- Configuration manual (310 pages) ,
- Quick start manual (9 pages) ,
- Hardware installation and maintenance manual (219 pages)
Table of Contents
Advertisement
Huawei AR530&AR550 Series Industrial Switch Routers
Configuration Guide - Ethernet Switching
l
If the fault persists, go to step 5.
Step 6 Check whether the number of learned MAC address entries has reached the maximum value
supported by the industrial switch router.
Run the display mac-address summary command to check the number of MAC address entries
in the MAC address table.
l
Issue 01 (2014-11-30)
-
0001-0001-0001 3333/-
------------------------------------------------------------------------------
-
Total items displayed = 1
If a blackhole MAC address entry is displayed, run the undo mac-address blackhole
command to delete it.
MAC address limiting on the interface or VLAN
– Run the display this command in the interface view or VLAN view. If the command
output contains mac-limit maximum, the number of learned MAC addresses is limited.
Run either of the following commands:
– Run the undo mac-limit command in the interface view or VLAN view to cancel
MAC address limiting.
– Run the mac-limit command in the interface view or VLAN view to increase the
maximum number of learned MAC address entries.
– Run the display this command in the interface view. If the command output contains
port-security max-mac-num or port-security enable, the number of secure dynamic
MAC addresses is limited on the interface. Run either of the following commands:
NOTE
By default, the limit on the number of secure dynamic MAC addresses is 1 after port security is
enabled.
– Run the undo port-security enable command in the interface view to disable port
security.
– Run the port-security max-mac-num command in the interface view to increase
the maximum number of secure dynamic MAC address entries on the interface.
If the number of learned MAC address entries has reached the maximum value supported
by the industrial switch router, no MAC address entry can be created. Run the display mac-
address command to view all MAC address entries.
– If the number of MAC address entries learned on an interface is much larger than the
number of devices on the network connected to the interface, a user on the network may
maliciously update the MAC address table. Check the device connected to the interface:
– If the interface is connected to a device, run the display mac-address command on
the device to view its MAC address table. Locate the interface connected to the
malicious user host based on the displayed MAC address entries. If the interface that
you find is connected to another device, repeat this step until you find the user of
the malicious user.
– If the interface is connected to a computer, perform either of the following operations
after obtaining permission from the administrator:
– Disconnect the computer. When the attack stops, connect the computer to the
network again.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1 MAC Address Table Configuration
-
blackhole
28
Hide quick links:
Advertisement
Table of Contents
