No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
mac-limit

mac-limit

Function

The mac-limit command configures a rule to limit the number of MAC addresses that can be learned.

The undo mac-limit command deletes the rule.

By default, the number of learned MAC addresses is not limited.

Format

(Interface view) mac-limit { action { discard | forward } | alarm { disable | enable } | maximum max-num }*

(VLAN view) mac-limit { alarm { disable | enable } | maximum max-num }*

undo mac-limit

Parameters

Parameter

Description

Value

action { discard | forward }

Indicates the action performed when the number of learned MAC address entries reaches the limit.
  • discard: discards packets with new source MAC addresses.
  • forward: forwards packets with new source MAC addresses but does not add the new MAC addresses to the MAC address table.
NOTE:
This parameter cannot be specified in the VLAN view.

If no action is specified in the command, the default action discard is used.

alarm { disable | enable }

Indicates whether the system generates an alarm when the number of learned MAC address entries reaches the limit.
  • disable: indicates that no alarm is generated when the number of learned MAC addresses reaches the limit.
  • enable: indicates that an alarm is generated when the number of learned MAC addresses reaches the limit.

If you do not set this parameter in the command, the alarm function is enabled by default.

maximum max-num

Sets the maximum number of MAC addresses that can be learned.

NOTE:
If maximum is not set, you must run the mac-limit command with maximum specified. If you have run the mac-limit command to set the maximum number of MAC addresses that can be learned, you do not need to set maximum max-num when running this command again.

The value is a decimal integer ranging from 0 to 4096. The value 0 indicates that the highest rate of MAC address learning is not limited.

Views

VLAN view, GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The mac-limit command limits the number of access users and prevents attacks to the MAC address tables. You can enable the function to improve network security.

Precautions

The action cannot be set in the VLAN view.

Example

# Configure the following MAC address learning rule on GigabitEthernet0/0/1:
  • The maximum number of learned MAC addresses is 30.
  • When the number of learned MAC addresses exceeds the maximum, and an alarm is generated.
<Huawei> system-view
[Huawei] interface GigabitEthernet 0/0/1
[Huawei-GigabitEthernet0/0/1] mac-limit maximum 30 alarm enable 
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 201104

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next