No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
CloudEngine 12800 and 12800E V200R019C10 Configuration Guide - Ethernet Switching

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, M-LAG, VLAN, QinQ, VLAN mapping, GVRP, STP/RSTP, MSTP, VBST, ERPS (G.8032), LBDT, and Layer 2 protocol transparent transmission.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring a Static MAC Address Entry

Configuring a Static MAC Address Entry

Context

MAC addresses and interfaces are bound statically in static MAC address entries.

A device cannot distinguish packets from authorized and unauthorized users when it learns source MAC addresses of packets to maintain the MAC address table. This causes network risks. If an unauthorized user uses the MAC address of an authorized user as the source MAC address of attack packets and connects to another interface of the device, the device learns an incorrect MAC address entry. As a result, packets destined for the authorized user are forwarded to the unauthorized user. For security purposes, you can create static MAC address entries to bind MAC addresses of authorized users to specified interfaces. This prevents unauthorized users from intercepting data of authorized users.

Static MAC address entries have the following characteristics:

  • A static MAC address entry will not be aged out. After being saved, a static MAC address entry will not be lost after a system restart, and can only be deleted manually.
  • The VLAN bound to a static MAC address entry must have been created and assigned to the interface bound to the entry.
  • The MAC address in a static MAC address entry must be a unicast MAC address, and cannot be a multicast or broadcast MAC address.
  • A static MAC address entry takes precedence over a dynamic MAC address entry. The system discards packets with flapping static MAC addresses.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run mac-address static mac-address interface-type interface-number vlan vlan-id

    A static MAC address entry is created.

  3. Run commit

    The configuration is committed.

Verifying the Configuration

Run the display mac-address static command to check configured static MAC address entries.

Translation
简体中文
Download
Updated: 2021-04-01

Document ID: EDOC1100138135

Views: 236679

Downloads: 159

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :