Extreme Networks ExtremeWare XOS Guide Manual page 316
Concepts guide
Hide thumbs
Also See for ExtremeWare XOS Guide:
- Command reference manual (2024 pages) ,
- Manual (496 pages) ,
- Manual (256 pages)
Table of Contents
Advertisement
Security
NOTE
Blackhole FDB entries added due to MAC security violations on the BlackDiamond 8800 family of switches (formerly
known as Aspen) and the Summit X450 switch are removed after each FDB aging period regardless of whether the
MAC addresses in question are still sending traffic. If the MAC addresses are still sending traffic, the blackhole
entries will be re-added after they have been deleted.
Configuring Limit Learning
To limit the number of dynamic MAC addresses that can participate in the network, use the
option in following command:
learning
configure ports <portlist> vlan <vlan name> [limit-learning <number> | lock-learning |
unlimited-learning | unlock-learning]
This command specifies the number of dynamically-learned MAC entries allowed for these ports in this
VLAN. The range is 0 to 500,000 addresses.
When the learned limit is reached, all new source MAC addresses are blackholed at the ingress and
egress points. This prevents these MAC addresses from learning and responding to ICMP and ARP
packets.
Dynamically learned entries still get aged and can be cleared. If entries are cleared or aged out after the
learning limit has been reached, new entries will then be able to be learned until the limit is reached
again.
Permanent static and permanent dynamic entries can still be added and deleted using the
and
fdbentry
For ports that have a learning limit in place, the following traffic still flows to the port:
Packets destined for permanent MAC addresses and other non-blackholed MAC addresses
●
Broadcast traffic
●
EDP traffic
●
Traffic from the permanent MAC and any other non-blackholed MAC addresses still flows from the
virtual port.
To remove the learning limit, use the
configure ports <portlist> vlan <vlan name> [limit-learning <number> | lock-learning |
unlimited-learning | unlock-learning]
Displaying Limit Learning Information
To verify the configuration, use the following commands:
show vlan <vlan name> security
This command displays the MAC security information for the specified VLAN.
show ports {mgmt | <portlist>} info {detail}
316
disable flooding port
unlimited-learning
commands. These override any dynamically learned entries.
option from the following command:
limit-
create
ExtremeWare XOS 11.3 Concepts Guide
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Extreme Networks ExtremeWare XOS Guide
Related Products for Extreme Networks ExtremeWare XOS Guide
- Extreme Networks ExtremeWare Command
- Extreme Networks ExtremeWare Enterprise Manager
- Extreme Networks EPICenter Guide
- Extreme Networks ExtremeXOS ScreenPlay
- Extreme Networks ExtremeWireless AP460i
- Extreme Networks ExtremeWireless AP460e
- Extreme Networks ExtremeSwitching X440-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X440-G2-24t-10GE4-DC
- Extreme Networks ExtremeSwitching X440-G2-24fx-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24t-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24p-GE4
- Extreme Networks ExtremeSwitching X620-16x
- Extreme Networks ExtremeSwitching X670-G2-48x-4q
- Extreme Networks ExtremeSwitching X620-8t-2x