No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Ethernet Switching

S7700 and S9700 V200R012C00

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, VLAN aggregation, MUX VLAN, VLAN termination, Voice VLAN, VLAN mapping, QinQ, GVRP, VCMP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, HVRP, and Layer 2 protocol transparent transmission.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring MAC Address Flapping Prevention to Block User Attacks

Configuring MAC Address Flapping Prevention to Block User Attacks

When you deploy a Layer 2 network, you can configure MAC address flapping prevention to block attacks from unauthorized users.

In Figure 2-9, employees of an enterprise need to access the server connected to Port1 of the switch. If an unauthorized user sends packets using the server's MAC address as the source MAC address, the server's MAC address is learned on another interface of the switch. Subsequently, packets sent by employees to the server are sent to the unauthorized user. As a result, the unauthorized user may intercept data and prevent employees from accessing the server. To prevent unauthorized users from using the server's MAC address to attack the switch, set a higher MAC address learning priority for the interface connected to the server than the interfaces connected to unauthorized users. In this case, MAC address flapping will not occur if unauthorized users attack the switch.

Figure 2-9  Networking of MAC address flapping prevention
Translation
Download
Updated: 2019-01-18

Document ID: EDOC1100038843

Views: 107522

Downloads: 71

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next