This chapter
describes the management of static, dynamic, and blackhole MAC address entries.
For information about the management of multicast MAC address entries, refer to
the section related to multicast protocol in H3C S3100-52P Ethernet Switch Operation
Manual.
1.1 Overview
An Ethernet switch maintains a MAC address
table to forward packets quickly. A MAC address table is a port-based Layer 2 address
table. It is the base for Ethernet switch to forward Layer 2 packet. Each entry
in a MAC address table contains the following fields:
l
Destination MAC address
l
ID of the VLAN which a port belongs to
l
Forwarding port number
Upon receiving a packet, a switch queries its
MAC address table for the forwarding port number according to the destination
MAC address carried in the packet and then forwards the packet through the port.
The dynamic address entries (not configured
manually) in the MAC address table are learned by the Ethernet switch. When an
Ethernet switch learns a MAC address, the following occurs:
When a switch receives a packet from one of
its ports (referred to as Port 1), the switch extracts the source MAC address
(referred to as MAC-SOURCE) of the packet and considers that the packets
destined for MAC-SOURCE can be forwarded through Port 1.
l
If the MAC address table already contains
MAC-SOURCE, the switch updates the corresponding MAC address entry.
l
If MAC-SOURCE does not exist in the MAC address
table, the switch adds MAC-SOURCE and Port 1 as a new MAC address entry to the
MAC address table.
Figure
1-1 A switch uses a MAC address table to forward
packets
After learning the source address of the
packet, the switch searches the MAC address table for the destination MAC
address of the received packet:
l
If it finds a match, it directly forwards the
packet.
l
If it finds no match, it forwards the packet to
all ports, except the receiving port, within the VLAN to which the receiving
port belongs. Normally, this is referred to as broadcasting the packet.
After the packet is broadcast:
l
If the network device returns a packet to the
switch, this indicates the packet has been sent to the destination device. The MAC
address of the device is carried in the packet. The switch adds the new MAC
address to the MAC address table through address learning. After that, the
switch can directly forward other packets destined for the same network device
by using the newly added MAC address entry.
l
If the destination device does not respond to
the packet, this indicates that the destination device is unreachable or that
the destination device receives the packet but gives no response. In this case,
the switch still cannot learn the MAC address of the destination device.
Therefore, the switch will still broadcast any other packet with this
destination MAC address.
To fully utilize a MAC address table, which
has a limited capacity, the switch uses an aging mechanism for updating the
table. That is, the switch removes the MAC address entries related to a network
device if no packet is received from the device within the aging time. Aging
time only applies to dynamic MAC address entries.
You can manually configure (add or modify)
a static or dynamic MAC address entry based on the actual network environment.
The switch learns only unicast addresses by using the MAC address
learning mechanism but directly drops any packet with a broadcast source MAC address.
Entries in a MAC address table fall into
the following categories according to their characteristics and configuration
methods:
l
Static MAC address entry: Also known as
permanent MAC address entry. This type of MAC address entries are added/removed
manually and can not age out by themselves. Using static MAC address entries can
reduce broadcast packets remarkably and are suitable for networks where network
devices seldom change.
l
Dynamic MAC address entry: This type of MAC
address entries age out after the configured aging time. They are generated by
the MAC address learning mechanism or configured manually.
l
Blackhole MAC address entry: This type of MAC
address entries are configured manually. A switch discards the packets destined
for or originated from the MAC addresses contained in blackhole MAC address
entries.
Table 1-1 lists the different types of MAC address entries and their characteristics.
Table 1-1 Characteristics of different types of MAC address entries
|
MAC address entry
|
Configuration method
|
Aging time
|
Reserved or not at reboot (if the
configuration is saved)
|
|
Static MAC address entry
|
Manually configured
|
Unavailable
|
Yes
|
|
Dynamic MAC address entry
|
Manually configured or generated by MAC
address learning mechanism
|
Available
|
No
|
|
Blackhole MAC address entry
|
Manually configured
|
Unavailable
|
Yes
|
The configuration to manage a MAC address
table includes:
l
Configuring a MAC address entry
l
Configuring the aging time of MAC address entries
l
Configuring the maximum number of MAC addresses
a port can learn
You can add, modify, or remove one MAC
address entry, remove all MAC address entries (unicast MAC addresses only) concerning
a specific port, or remove specific type of MAC address entries (dynamic or
static MAC address entries).
You can add a MAC address entry in either
system view or Ethernet port view.
I. Adding a MAC address entry in
system view
Table 1-2
Add a MAC address entry in system view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Add a MAC address entry
|
mac-address { static | dynamic | blackhole } mac-address
interface interface-type interface-number vlan
vlan-id
|
Required
|
Caution:
l
When you add a MAC address entry, the port
specified by the interface argument must belong to the VLAN specified by
the vlan argument in the command. Otherwise, the entry will not be
added.
l
If the VLAN specified by the vlan argument
is a dynamic VLAN, after a static MAC address is added, it will become a static
VLAN.
II. Adding a MAC address entry in
Ethernet port view
Table 1-3
Add a MAC address entry in Ethernet port view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Enter Ethernet port view
|
interface interface-type interface-number
|
—
|
|
Add a MAC address entry
|
mac-address { static | dynamic | blackhole } mac-address
vlan vlan-id
|
Required
|
Caution:
l
When you add a MAC address entry, the current port
must belong to the VLAN specified by the vlan argument in the command.
Otherwise, the entry will not be added.
l
If the VLAN specified by the vlan argument
is a dynamic VLAN, after a static MAC address is added, it will become a static
VLAN.
Setting aging time properly helps implement
effective MAC address aging. The aging time that is too long or too short
results in a large amount of broadcast packets wandering across the network and
decreases the performance of the switch.
l
If the aging time is too long, excessive invalid
MAC address entries maintained by the switch may fill up the MAC address table.
This prevents the MAC address table from being updated with network changes in
time.
l
If the aging time is too short, the switch may
remove valid MAC address entries. This decreases the forwarding performance of
the switch.
Table 1-4
Set aging time of MAC address entries
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Set the aging time of MAC address entries
|
mac-address timer { aging age | no-aging }
|
Required
The default aging time is 300 seconds.
|
This command is used in system view and
applies to all ports. Aging applies to only dynamic MAC addresses that are
learnt or configured to age.
Normally, you are recommended to use the
default aging time, namely, 300 seconds. The no-aging keyword specifies
that MAC address entries do not age out.
1.2.3 Setting the Maximum Number of MAC Addresses
a Port Can Learn
The MAC address learning mechanism enables
an Ethernet switch to acquire the MAC addresses of the network devices on the
segment connected to the ports of the switch. The switch directly forwards the
packets destined for these MAC addresses. A MAC address table too big in size
may decrease the forwarding performance of the switch.
By setting the maximum number of MAC
addresses that can be learnt from individual ports, you can control the number
of the MAC address entries the MAC address table can dynamically maintain. When
the number of the MAC address entries learnt from a port reaches the set value,
the port stops learning MAC addresses.
Table 1-5
Set the maximum number of MAC addresses a port can
learn
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Enter Ethernet port view
|
interface interface-type interface-number
|
—
|
|
Set the maximum number of MAC addresses
the port can learn
|
mac-address max-mac-count count
|
Required
By default, the number of the MAC
addresses a port can learn is not limited.
|
To verify your configuration, you can
display information about the MAC address table by executing the display
command in any view.
Table 1-6
Display and maintain MAC address table
configuration
|
Operation
|
Command
|
Description
|
|
Display information about the MAC address
table
|
display mac-address [ display-option ]
|
The display command can be executed
in any view.
|
|
Display the aging time of the dynamic MAC
address entries in the MAC address table
|
display mac-address aging-time
|
I. Network requirements
l
Log in to the switch through the Console port
and enable address table configuration.
l
Set the aging time of dynamic MAC address
entries to 500 seconds.
l
Add a static MAC address entry 00e0-fc35-dc71
for Ethernet1/0/2 port (assuming that the port belongs to VLAN 1)
II. Network diagram
Figure
1-2 Network diagram for MAC address table
configuration
III. Configuration procedure
# Enter system view.
<H3C> system-view
[H3C]
# Add a MAC address, with the VLAN, ports,
and states specified.
[H3C] mac-address static
00e0-fc35-dc71 interface Ethernet 1/0/2 vlan 1
# Set the aging time of dynamic MAC
addresses to 500 seconds.
[H3C] mac-address timer aging 500
# Display the information about the MAC
address entries in system view.
[H3C] display mac-address interface
Ethernet 1/0/2
MAC ADDR VLAN ID STATE PORT
INDEX AGING TIME(s)
00-e0-fc-35-dc-71 1 Static Ethernet1/0/2 NOAGED
00-e0-fc-17-a7-d6 1 Learned Ethernet1/0/2 AGING
00-e0-fc-5e-b1-fb 1 Learned Ethernet1/0/2 AGING
00-e0-fc-55-f1-16 1 Learned Ethernet1/0/2 AGING
--- 4 mac address(es) found on port
Ethernet1/0/2 ---
