[x]

MAC address table commands > mac-address (system view)

 

 Next

mac-address (system view)

Use mac-address to add or modify a MAC address entry.

Use undo mac-address to delete one or all MAC address entries.

Syntax

mac-address { dynamic | static } mac-address interface interface-type interface-number vlan vlan-id

mac-address blackhole mac-address vlan vlan-id

mac-address multiport mac-address interface interface-list vlan vlan-id

undo mac-address [ [ dynamic | static ] mac-address interface interface-type interface-number vlan vlan-id ]

undo mac-address [ blackhole | dynamic | static ] [ mac-address ] vlan vlan-id

undo mac-address [ dynamic | static ] interface interface-type interface-number

undo mac-address multiport mac-address interface interface-list vlan vlan-id

undo mac-address [ multiport ] [ [ mac-address ] vlan vlan-id ]

undo mac-address nickname nickname

undo mac-address mac-address nickname nickname vlan vlan-id

Default

The system is not configured with MAC address entries.

Views

System view

Predefined user roles

network-admin

Parameters

dynamic: Specifies dynamic MAC address entries.

static: Specifies static MAC address entries.

blackhole: Specifies blackhole MAC address entries. Packets whose source or destination MAC addresses match blackhole MAC address entries are dropped.

multiport: Specifies multiport unicast MAC address entries. A frame whose destination MAC address matches a multiport unicast MAC address entry is sent out of multiple ports.

mac-address: Specifies a MAC address in the format of H-H-H, excluding multicast and all-zero MAC addresses. When entering a MAC address, you can omit the leading zeros in each H section. For example, enter f-e2-1 for 000f-00e2-0001.

vlan vlan-id: Specifies an existing VLAN to which the interface belongs. The value range for the vlan-id argument is 1 to 4094.

interface interface-type interface-number: Specifies an outgoing interface by its type and number.

interface interface-list: Specifies interfaces in the format of { interface-type interface-number [ to interface-type interface-number ] } &<1-n>. The interface can only be a Layer 2 Ethernet interface or Layer 2 aggregate interface. &<1-4> specifies that you can configure a maximum of 4 interfaces or interface ranges.

nickname nickname: Specifies an RB (through which the packets leave the TRILL network) by its nickname. The nickname is a hexadecimal number in the range of 0x1 to 0xFFFE.

Usage guidelines

Typically, the device automatically builds the MAC address table by learning the source MAC addresses of incoming frames on each interface. However, you can manually configure static MAC address entries. For a MAC address, a manually configured static entry takes precedence over a dynamically learned entry. To improve the security for the user device connected to an interface, manually configure a static entry to bind the user device to the interface. Then, the frames destined for the user device (for example, Host A) are always sent out of the interface. Other hosts using the forged MAC address of Host A cannot obtain the frames destined for Host A.

To drop frames with the specified source MAC addresses or destination MAC addresses, you can configure blackhole MAC address entries.

To send frames with a specific destination MAC address out of multiple ports, configure a multiport unicast MAC address entry. When you execute this command for the first time, the command adds a MAC address entry. When you execute the command again with the same MAC address and VLAN but with different interfaces, this command adds the specified interfaces for this entry.

A static or blackhole MAC address entry can overwrite a dynamic MAC address entry, but not vice versa.

If you execute the undo mac-address command without specifying any parameters, this command deletes all unicast MAC address entries and static multicast MAC address entries.

You can delete all the MAC address entries (including unicast MAC address entries and static multicast MAC address entries) of a specified VLAN. You can also delete only one type (dynamic, static, blackhole, or multiport unicast) of MAC address entries. You can single out an interface and delete the corresponding unicast MAC address entries, but not the corresponding static multicast MAC address entries. You can single out an RB through which the packets leave the TRILL network and delete the corresponding unicast MAC address entries.

The MAC address entry configuration cannot survive a reboot unless you save it. The dynamic MAC address entries, however, are lost upon reboot whether or not you save the configuration.

Examples

# Add a static entry for MAC address 000f-e201-0101. Then, all frames that are destined for this MAC address are sent out of interface Ten-GigabitEthernet 1/0/1, which belongs to VLAN 2. 

<Sysname> system-view
[Sysname] mac-address static 000f-e201-0101 interface ten-gigabitethernet 1/0/1 vlan 2

# Add a multiport unicast MAC address entry for MAC address 000f-e201-0101. Then, all frames that are destined for this MAC address are sent out of Ten-GigabitEthernet 1/0/1 through Ten-GigabitEthernet 1/0/3, which belong to VLAN 2.

<Sysname> system-view
[Sysname] mac-address multiport 000f-e201-0101 interface ten-gigabitethernet 1/0/1 to ten-gigabitethernet 1/0/3 vlan 2

Related commands

display mac-address

mac-address (interface view)

prev

 

up

 next

mac-address (interface view) 

home

 mac-address mac-learning enable

© Copyright 2016 Hewlett Packard Enterprise Development LP