This chapter
describes the management of static, dynamic, and blackhole MAC address entries.
For information about the management of multicast MAC address entries, refer to
the “Multicast Protocol” part of the manual.
Syntax
display mac-address aging-time
View
Any view
Parameters
None
Description
Use the display mac-address aging-time
command to display the aging time of the dynamic MAC address entries in the MAC
address table.
Related commands: mac-address,
mac-address timer, display mac-address.
Examples
# Display the aging time of the dynamic MAC
address entries.
<Sysname> display mac-address
aging-time
Mac address aging time: 300s
The output information indicates that the
aging time of the dynamic MAC address entries is 300 seconds.
<Sysname> display mac-address
aging-time
Mac address aging time: no-aging
The output information indicates that
dynamic MAC address entries do not age out.
Syntax
display mac-address [ display-option ]
View
Any view
Parameters
display-option: Option used to display specific MAC address table information, as
described in Table 1-1.
Table 1-1 Description on the display-option
argument
|
Value
|
Description
|
|
mac-address [ vlan vlan-id ]
|
Displays information about a specified
MAC address entry.
|
|
{ static | dynamic | blackhole
} [ interface interface-type interface-number ] [ vlan vlan-id
] [ count ]
|
Displays information about dynamic,
static, or blackhole MAC address entries.
|
|
interface interface-type
interface-number [ vlan vlan-id ] [ count ]
|
Displays information about the MAC
address entries concerning a specified port.
|
|
vlan vlan-id
[ count ]
|
Displays information about the MAC
address entries concerning a specified VLAN.
|
|
count
|
Displays the total number of the MAC
address entries maintained by the switch.
|
|
statistics
|
Displays statistics of the MAC address
entries maintained by the switch.
|
mac-address:
Specifies a MAC address, in the form of H-H-H.
static:
Displays static MAC address entries.
dynamic:
Displays dynamic MAC address entries.
blackhole:
Displays blackhole MAC address entries.
interface-type
interface-number: Specify a port by its interface type and number, of which
the MAC address entries are displayed.
vlan-id: Specifies
a VLAN by its ID in the range of 1 to 4094, in which the MAC address entries
are displayed.
count: Displays
only the total number of the MAC address entries.
statistics:
Displays statistics of the MAC address entries maintained by the switch.
Description
Use the display mac-address
command to display information about MAC address entries in the MAC address table,
including: MAC address, VLAN and port corresponding to the MAC address, the
type (static or dynamic) of a MAC address entry, whether a MAC address is
within the aging time and so on.
Examples
# Display information about MAC address 000f-e20f-0101.
<Sysname> display mac-address 000f-e20f-0101
MAC ADDR VLAN ID STATE
PORT INDEX AGING TIME(s)
000f-e20f-0101 1 Learned
Ethernet1/0/1 AGING
# Display the MAC address entries for the
port Ethernet 1/0/4.
<Sysname> display mac-address
interface Ethernet 1/0/4
MAC ADDR VLAN ID
STATE PORT INDEX AGING TIME(s)
000d-88f6-44ba 1 Learned
Ethernet1/0/4 AGING
000d-88f7-9f7d 1 Learned
Ethernet1/0/4 AGING
000d-88f7-b094 1 Learned
Ethernet1/0/4 AGING
000f-e200-00cc 1 Learned
Ethernet1/0/4 AGING
000f-e200-2201 1 Learned
Ethernet1/0/4 AGING
000f-e207-f2e0 1 Learned
Ethernet1/0/4 AGING
000f-e209-ecf9 1 Learned
Ethernet1/0/4 AGING
--- 7 mac address(es) found on port
Ethernet1/0/4 ---
# Display the total number of MAC address
entries for VLAN 2.
<Sysname> display mac-address
vlan 2 count
9 mac address(es) found in vlan 2
Table 1-2 Description
on the fields of the display mac-address command
|
Field
|
Description
|
|
MAC ADDR
|
MAC address
|
|
VLAN ID
|
ID of the VLAN to which the network
device identified by the MAC address belongs
|
|
STATE
|
The state of the MAC address entry, which
can be one of the following:
l
Config static: Indicates a manually configured
static address entry.
l
Learned: Indicates a dynamically learnt
address entry.
l
Config dynamic: Indicates a manually
configured dynamic address entry.
l
Blackhole: Indicates a blackhole entry.
|
|
PORT INDEX
|
Outgoing port out of which the traffic
destined for the MAC address should be sent.
|
|
AGING TIME(s)
|
Indicates whether the MAC address entry
is aging. AGING indicates that the entry is aging; NOAGED indicates that the
entry will never age out.
|
Syntax
display port-mac
View
Any view
Parameters
None
Description
Use the display port-mac command to display
the configured start port MAC address for the Ethernet ports on the switch, that
is, the MAC address of Ethernet 1/0/1.
Related commands: port-mac.
Examples
# Display the start port MAC address.
<Sysname> display port-mac
Port MAC start address : 000f-e200-0001
Syntax
l
In system view:
mac-address {
static | dynamic | blackhole } mac-address
interface interface-type interface-number vlan vlan-id
undo mac-address [ mac-address-attribute ]
l
In Ethernet port view:
mac-address
{ static | dynamic | blackhole } mac-address vlan
vlan-id
undo mac-address { static | dynamic | blackhole } mac-address
vlan vlan-id
View
System view, Ethernet port view
Parameters
static: Specifies
a static MAC address entry.
dynamic: Specifies
a dynamic MAC address entry.
blackhole: Specifies
a blackhole MAC address entry.
mac-address:
Specifies a MAC address, in the form of H-H-H. When entering the MAC address,
you can omit the leading 0s in each segment. For example, you can input f-e2-1
for 000f-00e2-0001.
interface-type
interface-number: Specifies the outgoing port by its type and number for
the MAC address. All traffic destined for the MAC address will be sent out the
port.
vlan-id: Specifies
a VLAN ID, in the range of 1 to 4094. The VLAN must already exist.
mac-address-attribute: Specifies the criteria for removing MAC address entries. Available
syntax options for the argument are described in Table 1-3.
Table 1-3 Available syntax options for the
mac-address-attribute argument
|
Syntax
|
Description
|
|
{ static | dynamic |
blackhole } interface interface-type interface-number
|
Removes the static, dynamic, or blackhole
MAC address entries concerning a specified port.
|
|
{ static | dynamic |
blackhole } vlan vlan-id
|
Removes the static, dynamic, or blackhole
MAC address entries concerning a specified VLAN.
|
|
{ static | dynamic |
blackhole } mac-address [ interface interface-type
interface-number ] vlan vlan-id
|
Removes a specified static, dynamic, or
blackhole MAC address entry.
|
|
interface interface-type
interface-number
|
Removes all the MAC address entries concerning
a specified port.
|
|
vlan vlan-id
|
Removes all the MAC address entries concerning
a specified VLAN.
|
|
mac-address [ interface interface-type interface-number ] vlan
vlan-id
|
Removes a
specified MAC address entry.
|
Description
Use the mac-address command to add
or modify a MAC address entry.
Use the undo mac-address command to
remove one or more MAC address entries.
In Ethernet port view, the MAC address
entry configured with the mac-address command in Ethernet port view
takes the current Ethernet port as the outgoing port.
If the MAC address you input in the mac-address
command already exists in the MAC address table, the system will modify the
attributes of the corresponding MAC address entry according to your settings in
the command.
You can remove all unicast MAC address
entries on a port, or remove a specific type of MAC address entries, such as
the addresses learnt by the system, dynamic or static MAC address entries
configured, or blackhole addresses.
Examples
# Configure a static MAC address entry with
the following settings:
l
MAC address: 000f-e20f-0101
l
Outbound port: Ethernet 1/0/1 port
l
Ethernet 1/0/1 port belongs to VLAN 2.
<Sysname> system-view
System View: return to User View with
Ctrl+Z.
[Sysname] mac-address static 000f-e20f-0101
interface Ethernet 1/0/1 vlan 2
1.1.5 mac-address max-mac-count
Syntax
mac-address
max-mac-count count
undo mac-address
max-mac-count
View
Ethernet port view
Parameters
count: Maximum
number of MAC addresses a port can learn. This argument ranges from 0 to 8192. A
value of 0 disables the port from learning MAC addresses.
Description
Use the mac-address max-mac-count command
to set the maximum number of MAC addresses an Ethernet port can learn.
Use the undo mac-address max-mac-count
command to cancel the limitation on the number of MAC addresses an Ethernet
port can learn.
By default, the number of MAC addresses an
Ethernet port can learn is unlimited.
When you use the mac-address
max-mac-count command, the port stops learning MAC addresses after the
number of MAC addresses it learned reaches the value of the count argument
you provided. You can use the undo command to cancel this limit so that
the port can learn MAC addresses without the number limitation. By default, no
number limitation is set to the port for MAC address learning.
To prevent illegal devices from accessing
the network through a port, you can configure static MAC addresses and disable
MAC address learning for the port. Thus, only the packets destined for the
configured MAC addresses can be forwarded out the port.
Related commands: mac-address, mac-address
timer.
Examples
# Set the maximum number of MAC addresses Ethernet
1/0/3 port can learn to 600.
<Sysname> system-view
System View: return to User View with
Ctrl+Z.
[Sysname] interface Ethernet 1/0/3
[Sysname-Ethernet1/0/3] mac-address
max-mac-count 600
1.1.6 mac-address max-mac-count 0
Syntax
mac-address max-mac-count 0
undo mac-address max-mac-count
View
VLAN view
Parameter
None
Description
Use the mac-address max-mac-count 0
command to disable a switch from learning MAC address in a VLAN.
Use the undo mac-address max-mac-count
command to enable a switch to learn MAC address in a VLAN.
By default, a switch learns MAC addresses
in any VLAN.
Example
# Disable the switch from learning MAC
address in VLAN 3.
<Sysname> system-view
System View: return to User View with
Ctrl+Z.
[Sysname] vlan 3
[Sysname-vlan3] mac-address
max-mac-count 0
Syntax
mac-address timer { aging age | no-aging }
undo mac-address timer aging
View
System view
Parameters
aging age: Specifies the aging time (in seconds) for dynamic MAC address
entries. The age argument ranges from 10 to 1000000.
no-aging:
Specifies not to age dynamic MAC address entries.
Description
Use the mac-address timer
command to set the MAC address aging timer.
Use the undo mac-address timer
command to restore the default.
The default MAC address aging timer is 300
seconds.
The timer applies only to dynamic address
entries, including both entries learnt and configured.
Setting an appropriate MAC address aging
timer is important for the switch to run efficiently.
l
If the aging timer is set too short, the MAC
address entries that are still valid may be removed. Upon receiving a packet
destined for a MAC address that is already removed, the switch broadcasts the
packet through all its ports in the VLAN which the packet belongs to. This
decreases the operating performance of the switch.
l
If the aging timer is set too long, MAC address
entries may still exist even if they turn invalid. This causes the switch to be
unable to update its MAC address table in time. In this case, the MAC address
table cannot reflect the position changes of network devices in time.
Examples
# Set the aging time of MAC address entries
to 500 seconds.
<Sysname> system-view
System View: return to User View with
Ctrl+Z.
[Sysname] mac-address timer aging 500
Syntax
port-mac start-mac-address
undo port-mac
View
System view
Parameters
start-mac-address: Start MAC address for the Ethernet ports on the switch, in the
format of H-H-H. It must be a valid unicast address.
Description
Use the port-mac command to configure
the start MAC address for the Ethernet ports on the device. This MAC address is
assigned to port Ethernet 1/0/1, and is called the start port MAC address.
Use the undo port-mac command to
remove the configuration.
Examples
# Set the start port MAC address to
000f-e200-0001.
<Sysname> system-view
System View: return to User View with
Ctrl+Z.
[Sysname] port-mac 000f-e200-0001
