Mac-Based Security; Displaying Fdb Entries - Extreme Networks ExtremeWare XOS Guide Manual

Forwarding Database

MAC-Based Security

MAC-based security allows you to control the way the FDB is learned and populated. By managing
entries in the FDB, you can block and control packet flows on a per-address basis.
MAC-based security allows you to limit the number of dynamically-learned MAC addresses allowed
per virtual port. You can also "lock" the FDB entries for a virtual port, so that the current entries will
not change, and no additional addresses can be learned on the port.
You can also prioritize or stop packet flows based on the source MAC address of the ingress VLAN or
the destination MAC address of the egress VLAN.
For detailed information about MAC-based security, see

Displaying FDB Entries

To display FDB entries, use the following command:
show fdb {<mac_addr> | broadcast-mac | permanent | ports <portlist> | vlan
<vlan_name>}
where the following is true:
—Displays the entry for a particular MAC address.
●
mac_address
—Specifies the broadcast MAC address. May be used as an alternate to the colon-
●
broadcast-mac
separated byte form of the address ff:ff:ff:ff:ff:ff
—Displays all permanent entries, including the ingress and egress QoS profiles.
●
permanent
—Displays the entries for a set of ports or slots and ports.
●
ports <portlist>
—Displays the entries for a VLAN.
●
vlan <vlan name>
With no options, the command displays all FDB entries. (The age parameter does not show on the
display for the backup MSM; it does show on the display for the primary MSM.)
See the ExtremeWare XOS Command Reference Guide for details of the commands related to the FDB.
ExtremeWare XOS 11.1 Concepts Guide
Chapter 13.
178