This chapter
describes the management of static, dynamic, and blackhole MAC address entries.
For information about the management of multicast MAC address entries, refer to
the section “IGMP-Snooping” in H3C S3100-SI Series Ethernet Switches
Operation Manual.
1.1 Overview
An Ethernet switch maintains a MAC address
table to forward packets quickly. A MAC address table is a port-based Layer 2 address
table. It is the base for Ethernet switch to perform Layer 2 packet forwarding.
Each entry in a MAC address table contains the following fields:
l
Destination MAC address
l
ID of the VLAN which a port belongs to.
l
Forwarding port number.
Upon receiving a packet, a switch queries its
MAC address table for the forwarding port number according to the destination
MAC address carried in the packet and then forwards the packet through the
port.
The dynamic address entries (not configured
manually) in the MAC address table are learned by the Ethernet switch. When an
Ethernet switch learns a MAC address, the following occurs:
When a switch receives a packet from one of
its ports (referred to as Port 1), the switch extracts the source MAC address
(referred to as MAC-SOURCE) of the packet and considers that the packets
destined for MAC-SOURCE can be forwarded through Port 1.
l
If the MAC address table already contains
MAC-SOURCE, the switch updates the corresponding MAC address entry.
l
If MAC-SOURCE does not exist in the MAC address
table, the switch adds MAC-SOURCE and Port 1 as a new MAC address entry to the
MAC address table.
Figure 1-1 A switch uses a MAC address
table to forward packets.
After learning the source address of the
packet, the switch searches the MAC address table for the destination MAC
address of the received packet:
l
If it finds a match, it directly forwards the
packet.
l
If it finds no match, it forwards the packet to
all ports, except the receiving port, within the VLAN to which the receiving
port belongs. Normally, this is referred to as broadcasting the packet.
After the packet is broadcast:
l
If the network device returns a packet to the
switch, this indicates the packet has been sent to the destination device. The MAC
address of the device is carried in the packet. The switch adds the new MAC
address to the MAC address table through address learning. After that, the
switch can directly forward other packets destined for the same network device
by using the newly added MAC address entry.
l
If the destination device does not respond to
the packet, this indicates that the destination device is unreachable or that
the destination device receives the packet but gives no response. In this case,
the switch still cannot learn the MAC address of the destination device.
Therefore, the switch will still broadcast any other packet with this
destination MAC address.
To fully utilize a MAC address table, which
has a limited capacity, the switch uses an aging mechanism for updating the
table. That is, the switch removes the MAC address entries related to a network
device if no packet is received from the device within the aging time. Aging
time only applies to dynamic MAC address entries.
You can manually configure (add or modify)
a static or dynamic MAC address entry based on the actual network environment.
The switch learns only unicast addresses by using the MAC address
learning mechanism but directly drops any packet with a broadcast source MAC
address.
Entries in a MAC address table fall into
the following categories according to their characteristics and configuration
methods:
l
Static MAC address entry: Also known as
permanent MAC address entry. This type of MAC address entries are added/removed
manually and can not age out by themselves. Using static MAC address entries can
reduce broadcast packets remarkably and are suitable for networks where network
devices seldom change.
l
Dynamic MAC address entry: This type of MAC
address entries age out after the configured aging time. They are generated by
the MAC address learning mechanism or configured manually.
l
Blackhole MAC address entry: This type of MAC
address entries are configured manually. A switch discards the packets destined
for or originated from the MAC addresses contained in blackhole MAC address
entries.
Table 1-1 lists the different types of MAC address entries and their characteristics.
Table 1-1 Characteristics of different
types of MAC address entries
|
MAC address entry
|
Configuration method
|
Aging time
|
Reserved or not at reboot (if the
configuration is saved)
|
|
Static MAC address entry
|
Manually configured
|
Unavailable
|
Yes
|
|
Dynamic MAC address entry
|
Manually configured or generated by MAC
address learning mechanism
|
Available
|
No
|
|
Blackhole MAC address entry
|
Manually configured
|
Unavailable
|
Yes
|
Table 1-2 Basic system configuration
tasks
You can add, modify, or remove one MAC
address entry, remove all MAC address entries (unicast MAC addresses only) concerning
a specific port, or remove specific type of MAC address entries (dynamic or
static MAC address entries).
You can add a MAC address entry in either
system view or Ethernet port view.
I. Adding a MAC address entry in
system view
Table 1-3 Add a MAC address entry in
system view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Add a MAC address entry
|
mac-address { static | dynamic | blackhole } mac-address
interface interface-type interface-number vlan
vlan-id
|
Required
|
Caution:
When you add a MAC
address entry, the port specified by the interface argument must belong to the VLAN specified by the vlan argument in the command. Otherwise,
the entry will not be added.
II. Adding a MAC address entry in
Ethernet port view
Table 1-4 Add a MAC address entry in
Ethernet port view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Enter Ethernet port view
|
interface interface-type interface-number
|
—
|
|
Add a MAC address entry
|
mac-address { static | dynamic | blackhole } mac-address
vlan vlan-id
|
Required
|
Caution:
When you add a MAC
address entry, the port specified by the interface argument must belong to the VLAN specified by the vlan argument in the command. Otherwise,
the entry will not be added.
Setting aging time properly helps implement
effective MAC address aging. The aging time that is too long or too short
results in a large amount of broadcast packets wandering across the network and
decreases the performance of the switch.
l
If the aging time is too long, excessive invalid
MAC address entries maintained by the switch may fill up the MAC address table.
This prevents the MAC address table from varying with network changes in time.
l
If the aging time is too short, the switch may
remove valid MAC address entries. This decreases the forwarding performance of
the switch.
Table 1-5 Set aging time of MAC address
entries
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Set the aging time of MAC address entries
|
mac-address timer { aging age | no-aging }
|
Required
The default aging time is 300 seconds.
|
This command is used in system view and
applies to all ports. Aging applies to only dynamic MAC addresses that are
learnt or configured to age.
Normally, you are recommended to use the
default aging time, namely, 300 seconds. The no-aging keyword specifies
that MAC address entries do not age out.
1.2.4 Setting the Maximum Number of MAC Addresses a Port Can Learn
The MAC address learning mechanism enables
an Ethernet switch to acquire the MAC addresses of the network devices on the
segment connected to the ports of the switch. The switch directly forwards the
packets destined for these MAC addresses. A MAC address table too big in size
may decrease the forwarding performance of the switch.
By setting the maximum number of MAC
addresses that can be learnt from individual ports, you can control the number
of the MAC address entries the MAC address table can dynamically maintains.
When the number of the MAC address entries learnt from a port reaches the set
value, the port stops learning MAC addresses.
Table 1-6 Set the maximum number of MAC
addresses a port can learn
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Enter Ethernet port view
|
interface interface-type interface-number
|
—
|
|
Set the maximum number of MAC addresses
the port can learn
|
mac-address
max-mac-count count
|
Required
By default, the number of the MAC
addresses a port can learn is not limited.
|
You can not manually
delete a dynamic MAC address entry of an Ethernet port after you set the
maximum number of MAC addresses it can learn.
To verify your configuration, you can
display information about the MAC address table by executing the display
command in any view.
Table 1-7 Display and maintain MAC
address table configuration
|
Operation
|
Command
|
Description
|
|
Display information
about the MAC address table
|
display
mac-address [ display-option ]
|
The display
command can be executed in any view.
|
|
Display
the aging time of the dynamic MAC address entries in the MAC address table
|
display
mac-address aging-time
|
l
Log in to the switch through the Console port
and enable address table configuration.
l
Set the aging time of dynamic MAC address
entries to 500 seconds.
l
Add a static MAC address entry 000f-e20f-dc71
for Ethernet1/0/2 port (assuming that the port belongs to VLAN 1)
Figure 1-2 Network diagram for MAC
address table configuration
# Enter
system view.
<H3C> system-view
[H3C]
# Add a MAC address, with the VLAN, ports,
and states specified.
[H3C] mac-address static 000f-e20f-dc71
interface Ethernet 1/0/2 vlan 1
# Set the aging time of dynamic MAC
addresses to 500 seconds.
[H3C] mac-address timer aging 500
# Display the information about the MAC
address entries in system view.
[H3C] display mac-address interface
Ethernet 1/0/2
MAC ADDR VLAN ID STATE PORT
INDEX AGING TIME(s)
000f-e20f-dc71 1 Static Ethernet1/0/2 NOAGED
000f-e20f-a7d6 1 Learned Ethernet1/0/2 AGING
000f-e20f-b1fb 1 Learned Ethernet1/0/2 AGING
000f-e20f-f116 1 Learned Ethernet1/0/2 AGING
--- 4 mac address(es) found on port
Ethernet1/0/2 ---
