No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Ethernet Switching

CloudEngine 8800, 7800, 6800, and 5800 V200R003C00

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, MUX VLAN, Voice VLAN, VLAN mapping, QinQ, GVRP, VCMP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, and Layer 2 protocol transparent transmission.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the Switch to Discard Packets That Do Not Match Any MAC Address Entry

Configuring the Switch to Discard Packets That Do Not Match Any MAC Address Entry

Context

After the switch is configured to discard packets that do not match any MAC address entries, such packets are discarded, which reduces the load on the switch and enhances system security.

After a DHCP user goes offline, the MAC address entry of the user ages out. If there are packets destined for this user, the switch cannot find the MAC address entry and therefore broadcasts the packets to all interfaces in the VLAN. In this case, all users receive the packets, which bring security risks. To reduce the load on the switch and enhance security, configure the switch to discard packets that do not match any MAC address entries.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run vlan vlan-id

    The VLAN view is displayed.

  3. Run mac-address miss action discard

    The switch is configured to discard packets that do not match any MAC address entries.

    By default, the switch broadcasts the packets that do not match any MAC address entries in a VLAN.

  4. Run commit

    The configuration is committed.

Verifying the Configuration

Run the display current-configuration command to check whether the switch is configured to discard packets that do not match any MAC address entries.

Translation
Download
Updated: 2019-05-08

Document ID: EDOC1100004351

Views: 97238

Downloads: 276

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next