Configuration example, Adding a static mac address entry manually, Network requirements – H3C Technologies H3C S3100 Series Switches User Manual

Page 215: Configuration procedure

Advertising
background image

1-12

Configuration Example

Adding a Static MAC Address Entry Manually

Network requirements

The server connects to the switch through Ethernet 1/0/2. To prevent the switch from broadcasting

packets destined for the server, it is required to add the MAC address of the server to the MAC address

table of the switch, which then forwards packets destined for the server through Ethernet 1/0/2.

z

The MAC address of the server is 000f-e20f-dc71.

z

Port Ethernet 1/0/2 belongs to VLAN 1.

z

Suppose the MAC address of a host is 000f-e235-abcd and belongs to VLAN 1. Because the host

once behaved suspiciously on the network, you can add a blackhole MAC address entry for the

MAC address to drop all packets destined for the host for security sake.

Configuration procedure

# Enter system view.

<Sysname> system-view

[Sysname]

# Add a MAC address, with the VLAN, ports, and states specified.

[Sysname] mac-address static 000f-e20f-dc71 interface Ethernet 1/0/2 vlan 1

# Add a black hole MAC address 000f-e235-abcd, with the VLAN and ports specified.

[Sysname] mac-address blackhole 000f-e235-abcd interface Ethernet 1/0/2 vlan 1

# Display information about the current MAC address table.

[Sysname] display mac-address interface Ethernet 1/0/2

MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s)

000f-e20f-dc71 1 Config static Ethernet1/0/2 NOAGED

000f-e235-abcd 1 Blackhole Ethernet1/0/2 NOAGED

000f-e20f-a7d6 1 Learned Ethernet1/0/2 AGING

000f-e20f-b1fb 1 Learned Ethernet1/0/2 AGING

000f-e20f-f116 1 Learned Ethernet1/0/2 AGING

--- 4 mac address(es) found on port Ethernet1/0/2 ---

MAC Address Replication and VLAN Marking Configuration Example

Network requirements

As shown in

Figure 1-8

:

z

Configure VLAN marking on Ethernet 1/0/1 of Switch A to replace the VLAN tag of packets sourced

from 192.168.1.0/24, which carry VLAN tag 3, with VLAN tag 4.

z

Configure VLAN marking on Ethernet 1/0/2 of Switch A to replace the VLAN tag of packet destined

for 192.168.1.0/24, which carry VLAN tag 4, with VLAN 3.

z

To reduce broadcast packets in the network, enable the MAC address replication feature.

Advertising
Popular Brands
Popular manuals