No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Ethernet Switching

CloudEngine 8800, 7800, 6800, and 5800 V200R003C00

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, MUX VLAN, Voice VLAN, VLAN mapping, QinQ, GVRP, VCMP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, and Layer 2 protocol transparent transmission.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Disabling MAC Address Learning (CE6870EI and CE6875EI)

Disabling MAC Address Learning (CE6870EI and CE6875EI)

Background

The MAC address learning function is enabled by default on the switch. When receiving a data frame, the switch records the source MAC address of the data frame and the interface that receives the data frame in a MAC address entry. When receiving data frames destined for this MAC address, the switch forwards the data frames through the outbound interface according to the MAC address entry. The MAC address learning function reduces broadcast packets on a network. After MAC address learning is disabled on an interface, the switch does not learn source MAC addresses of data frames received by the interface, but the dynamic MAC address entries learned on the interface are not immediately deleted. These dynamic MAC address entries are deleted after the aging time expires or can be manually deleted using commands.

Procedure

  • Disable MAC address learning on an interface.
    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number

      The interface view is displayed.

    3. Run mac-address learning disable [ action { discard | forward } ]

      MAC address learning is disabled on the interface.

      By default, MAC address learning is enabled on an interface.

      By default, the switch takes the forward action after MAC address learning is disabled. That is, the switch forwards packets according to the MAC address table. When the action is set to discard, the switch looks up the source MAC address of the packet in the MAC address table. If the source MAC address is found in the MAC address table, the switch forwards the packet according to the matching MAC address entry. If the source MAC address is not found, the switch discards the packet.

    4. Run commit

      The configuration is committed.

  • Disable MAC address learning in a VLAN.
    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      The VLAN view is displayed.

    3. Run mac-address learning disable

      MAC address learning is disabled in the VLAN.

      By default, MAC address learning is enabled in a VLAN.

    4. Run commit

      The configuration is committed.

  • Disabling MAC address learning in the traffic behavior view
    1. Configure a traffic classifier.
      1. Run system-view

        The system view is displayed.

      2. Run traffic classifier classifier-name [ type { and | or } ]

        A traffic classifier is created and the traffic classifier view is displayed, or the view of an existing traffic classifier is displayed.

        and is the logical operator between the rules in a traffic classifier, which means that:
        • If a traffic classifier contains ACL rules, packets match the traffic classifier only if they match one ACL rule and all the non-ACL rules.

        • If a traffic classifier does not contain any ACL rules, packets match the traffic classifier only if they match all the rules in the classifier.

        The logical operator or means that packets match a traffic classifier if they match one or more rules in the classifier.

        By default, the relationship between rules in a traffic classifier is or.

      3. Run if-match

        Matching rules are defined for the traffic classifier.

        For details about matching rules in a traffic classifier, see "Configuring a Traffic Classifier" in "MQC Configuration" of the CloudEngine 8800, 7800, 6800, and 5800 Series Switches Configuration Guide - QoS Configuration Guide.

      4. Run commit

        The configuration is committed.

      5. Run quit

        Exit from the traffic classifier view.

    2. Configure a traffic behavior.
      1. Run traffic behavior behavior-name

        A traffic behavior is created and the traffic behavior view is displayed, or the view of an existing traffic behavior is displayed.

      2. Run mac-address learning disable

        MAC address learning is disabled in a traffic behavior.

      3. (Optional) Run statistics enable

        The traffic statistics function is enabled.

      4. Run commit

        The configuration is committed.

      5. Run quit

        Exit from the traffic behavior view.

      6. Run quit

        Exit from the system view.

    3. Configure a traffic policy.
      1. Run system-view

        The system view is displayed.

      2. Run traffic policy policy-name

        A traffic policy is created and the traffic policy view is displayed, or the view of an existing traffic policy is displayed.

      3. Run classifier classifier-name behavior behavior-name [ precedence precedence-value ]

        A traffic behavior is bound to a traffic classifier in the traffic policy.

      4. Run commit

        The configuration is committed.

      5. Run quit

        Exit from the traffic policy view.

      6. Run quit

        Exit from the system view.

    4. Apply the traffic policy.
      NOTE:
      • A traffic policy containing mac-address learning disable (traffic behavior view) can only be applied in the inbound direction.

      • For details about the configuration guidelines of applying traffic policies in different views on the CE6870EI and CE6875EI, see Licensing Requirements and Limitations for MQC (CE6870EI and CE6875EI).

      • Applying a traffic policy to an interface
        1. Run system-view

          The system view is displayed.

        2. Run interface interface-type interface-number

          The interface view is displayed.

        3. Run traffic-policy policy-name inbound

          A traffic policy is applied to the interface in the inbound direction.

        4. Run commit

          The configuration is committed.

      • Applying a traffic policy to a VLAN
        1. Run system-view

          The system view is displayed.

        2. Run vlan vlan-id

          The VLAN view is displayed.

        3. Run traffic-policy policy-name inbound

          A traffic policy is applied to the VLAN in the inbound direction.

          After a traffic policy is applied, the system performs traffic policing for the packets that belong to a VLAN and match traffic classification rules in the inbound direction.

        4. Run commit

          The configuration is committed.

      • Applying a traffic policy to the system
        1. Run system-view

          The system view is displayed.

        2. Run traffic-policy policy-name global [ slot slot-id ] inbound

          A traffic policy is applied to the system in the inbound direction.

        3. Run commit

          The configuration is committed.

      • Applying a traffic policy to a BD
        1. Run system-view

          The system view is displayed.

        2. Run bridge-domain bd-id

          The BD view is displayed.

        3. Run traffic-policy policy-name inbound

          A traffic policy is applied to the BD.

        4. Run commit

          The configuration is committed.

Verifying the Configuration

  • Run the display traffic classifier [ classifier-name ] command to check the traffic classifier configuration.
  • Run the display traffic behavior [ behavior-name ] command to check the traffic behavior configuration on the device.
  • Run the display traffic policy [ policy-name [ classifier classifier-name ] ] command to check the traffic policy configuration.

  • Run the display traffic-policy applied-record [ policy-name ] [ global [ slot slot-id ] | interface interface-type interface-number | vlan vlan-id | vpn-instance vpn-instance-name | qos group group-id | bridge-domain bd-id ] [ inbound | outbound ] command to check the application records of a specified traffic policy.

    NOTE:
    • The CE6810LI does not support the vpn-instance vpn-instance-name parameter.
    • The CE5810EI, CE5850EI, CE5850HI, CE5855EI, CE6810LI, CE6810EI, and CE6850EI do not support the bridge-domain bd-id command.
  • Run the display system tcam fail-record [ slot slot-id ] command to display TCAM delivery failures.
  • Run the display system tcam service brief [ slot slot-id ] command to display the group index and rule count occupied by different services.
  • Run the display system tcam service { cpcar slot slot-id | service-name slot slot-id [ chip chip-id ] } command to display IDs of entries delivered by services on the specified chip or in the specified slot.
  • Run one of the following commands to display data of a traffic policy that has been applied:
    • display system tcam service traffic-policy { global | vlan vlan-id | interface interface-type interface-number | vpn-instance vpn-instance-name | qos group group-id | bridge-domain bd-id } policy-name { inbound | outbound } [ slot slot-id [ chip chip-id ] ]
      NOTE:

      The CE6810LI does not support the vpn-instance vpn-instance-name parameter.

      The CE5810EI, CE5850EI, CE5850HI, CE5855EI, CE6810LI, CE6810EI, and CE6850EI do not support the bridge-domain bd-id command.

    • display system tcam service traffic-policy slot slot-id policy-name { inbound | outbound } [ chip chip-id ]
  • (For the CE6870EI and CE6875EI) Run the display system tcam match-rules slot slot-id [ [ ingress | egress | group group-id ] | [ chip chip-id ] ] * command to display matched entries.
Translation
Download
Updated: 2019-05-08

Document ID: EDOC1100004351

Views: 93418

Downloads: 276

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next