mac-address learning disable
Function
The mac-address learning disable command disables MAC address learning.
The undo mac-address learning disable command enables MAC address learning.
By default, MAC address learning is enabled.
Format
(Interface view) mac-address learning disable [ action { discard | forward } ]
(VLAN view) mac-address learning disable
undo mac-address learning disable
Parameters
Parameter |
Description |
Value |
|---|---|---|
action |
Indicates the action that the interface takes after MAC address learning is disabled. NOTE:
By default, an interface forwards the packets carrying new MAC addresses after MAC address learning is disabled. |
- |
discard |
Discards the packets whose source MAC addresses do not match the MAC address table. |
- |
forward |
Forwards the packets according to the MAC address table. |
- |
Usage Guidelines
Usage Scenario
If you want an interface to forward only packets with certain MAC addresses, use this command. For example, if an interface is connected to a server, configure a static MAC address entry with the MAC address of the server, and then disable MAC address learning and set the action to discard on the interface. The configuration prevents other servers or terminals from accessing the interface and improves network stability and security.
When an wireless access controller with MAC address learning enabled receives an Ethernet frame, it records the source MAC address and inbound interface of the Ethernet frame in a MAC address entry. When receiving other Ethernet frames destined for this MAC address, the wireless access controller forwards the frames through the corresponding outbound interface according to the MAC address entry. MAC address learning reduces broadcast packets on a network.
You can use the mac-address learning disable command to disable MAC address learning on an interface. The action performed on received packets can be set to discard or forward.
- When the action is set to forward, the wireless access controller forwards packets according to the MAC address table. If a packet does not match any MAC address entry, the wireless access controller broadcasts the packet.
- When the action is set to discard, the wireless access controller searches for the source MAC address of the packet in the MAC address table. If the source MAC address is found in the MAC address table, the wireless access controller forwards the packet according to the MAC address entry. If the source MAC address is not found, the wireless access controller discards the packet. The default action is forward.
Precautions
The action cannot be configured in the VLAN view.
After MAC address learning is disabled on an interface, the device does not learn new MAC addresses on the interface, but untrusted terminals can still access the network.
