No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Ethernet Switching

AR650, AR1600, and AR6100 V300R003

This document describes how to configure the components for LAN services, including link aggregation groups, VLANs, voice VLANs, MAC address tables, transparent bridging, as well as GVRP, STP/RSTP, and MSTP protocols.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Blackhole MAC Address Entries

Example for Configuring Blackhole MAC Address Entries

Networking Requirements

As shown in Figure 1-8, the Router receives packets from an unauthorized PC that has the MAC address of 0005-0005-0005 and belongs to VLAN 3. This MAC address entry can be configured as a blackhole MAC address entry so that the Router filters out packets from the unauthorized PC.

Figure 1-8  Networking for configuring a blackhole MAC address entry

Configuration Roadmap

The configuration roadmap is as follows:

  1. Create a VLAN to implement Layer 2 forwarding.

  2. Configure a blackhole MAC address entry to filter out packets from the unauthorized PC.

Procedure

  1. Configure a blackhole MAC address entry.

    # Create VLAN 3.

    <Huawei> system-view
    [Huawei] sysname Router
    [Router] vlan 3
    [Router-vlan3] quit
    

    # Configure a blackhole MAC address entry.

    [Router] mac-address blackhole 0005-0005-0005 vlan 3
    

  2. Verify the configuration.

    # Run the display mac-address blackhole command in any view to check whether the blackhole MAC address entry is successfully added to the MAC address table.

    [Router] display mac-address blackhole
    ------------------------------------------------------------------------------- 
    MAC Address       VLAN/Bridge             Learned-From               Type       
    ------------------------------------------------------------------------------- 
    0005-0005-0005       3/-                  -                          blackhole  
                                                                                    
    ------------------------------------------------------------------------------- 
    Total items displayed = 1
    
    

Configuration Files

Router configuration file

#
 sysname Router
#
vlan batch 3
#
mac-address blackhole 0005-0005-0005 vlan 3                                     
#
return
Download
Updated: 2019-04-12

Document ID: EDOC1100041791

Views: 62879

Downloads: 41

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next