MAC address learning through a Layer 3 device

Introduction

This feature enables the device to learn the MAC address of a terminal (a PC for example) when a Layer 3 device (typically a gateway) exists between the device and the terminal for network traffic control.

Figure-1 MAC address learning through a Layer 3 device workflow

As shown in Figure-1, MAC address learning through a Layer 3 device proceeds as follows:

1. The Layer 3 device learns the IP-MAC binding of the terminal, and then generates an ARP entry.

2. The device sends SNMP requests to the Layer 3 device at the specified intervals to request the ARP entry.

3. The Layer 3 device sends a response that contains the ARP entry.

4. Upon receiving the response, the device saves the ARP entry in the memory. Then it can learn the MAC address of the terminal.

Restrictions and guidelines

• Make sure the Layer 3 device supports SNMPv2c or SNMPv3, has SNMP agent enabled, and has a community name configured.

• Only MAC addresses mapped from IPv4 addresses can be learned.

• Make sure no NAT devices exist between the device and the Layer 3 device.

• This feature is not applicable to a VRF network.

Configure MAC address learning through a Layer 3 device

Procedure

1. Select System > Maintenance > MAC Learning Through L3 Device > L3 Device Access Setting.

2. Click Enable to enable MAC address learning through a Layer 3 device.

3. (Optional.) Set the polling interval and idle timeout

   Table-1 Configuration items for MAC address learning through a Layer 3 device

   Item	Description
   Polling interval	Interval for sending SNMP requests, in seconds
   Idle timeout	Idle timeout for SNMP responses, in seconds

4. Click Apply.

5. Add a Layer 3 device:

   1. Click Add.

   2. Configure the following settings:

      Item	Description
      SNMP version	SNMP version. Options include v2c and v3.
      IP address	IP address of the target Layer 3 device, typically the gateway of the terminal network. Only IPv4 addresses are supported.
      Community name (SNMPv2c)	Devices in a community use a community name for authentication. The device can communicate with the Layer 3 device only if it has the same community name as the SNMP agent on the Layer 3 device.
      Username (SNMPv3)	Authentication can be performed only if the device and the SNMP agent on the Layer 3 device have the same username.
      Authentication algorithm	For a successful authentication, make sure these settings are the same as those on the SNMP agent of the Layer 3 device.
      Authentication password
      Encryption algorithm
      Encryption password

6. Click OK.