No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
mac-limit

mac-limit

Function

The mac-limit command configures a rule to limit the number of MAC addresses that can be learned.

The undo mac-limit command deletes the rule.

By default, the number of learned MAC addresses is not limited.

Format

(Interface view) mac-limit { action { discard | forward } | alarm { disable | enable } | maximum max-num }*

(VLAN view) mac-limit { alarm { disable | enable } | maximum max-num }*

undo mac-limit

Parameters

Parameter

Description

Value

action { discard | forward }
Indicates the action performed when the number of learned MAC address entries reaches the limit.
  • discard: discards packets with new source MAC addresses.
  • forward: forwards packets with new source MAC addresses but does not add the new MAC addresses to the MAC address table.
NOTE:
This parameter cannot be specified in the VLAN view.

If no action is specified in the command, the default action discard is used.

alarm { disable | enable }
Indicates whether the system generates an alarm when the number of learned MAC address entries reaches the limit.
  • disable: indicates that no alarm is generated when the number of learned MAC addresses reaches the limit.
  • enable: indicates that an alarm is generated when the number of learned MAC addresses reaches the limit.

If you do not set this parameter in the command, the alarm function is enabled by default.

maximum max-num

Sets the maximum number of MAC addresses that can be learned.

NOTE:
If maximum is not set, you must run the mac-limit command with maximum specified. If you have run the mac-limit command to set the maximum number of MAC addresses that can be learned, you do not need to set maximum max-num when running this command again.

The value is a decimal integer ranging from 0 to 4096. The value 0 indicates that the highest rate of MAC address learning is not limited.

Views

VLAN view, GE interface view, XGE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The mac-limit command limits the number of access users and prevents attacks to the MAC address tables. You can enable the function to improve network security.

Precautions

The mac-limit and port-security enable commands cannot be used on the same interface.

The action cannot be set in the VLAN view.

Example

# Configure the following MAC address learning rule on GigabitEthernet0/0/1:
  • The maximum number of learned MAC addresses is 30.
  • When the number of learned MAC addresses exceeds the maximum, and an alarm is generated.
<AC6605> system-view
[AC6605] interface GigabitEthernet 0/0/1
[AC6605-GigabitEthernet0/0/1] mac-limit maximum 30 alarm enable
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3204221

Downloads: 595

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :