Configuring the mac address table, Overview, How a mac address entry is created – H3C Technologies H3C WX5500E Series Access Controllers User Manual

Page 32: Mac address learning, Manually configuring mac address entries

Advertising
background image

21

Configuring the MAC address table

This chapter describes how to configure the MAC address table.

Overview

An Ethernet device uses a MAC address table for forwarding frames through unicast instead of
broadcast. This table describes from which port a MAC address (or host) can be reached. When

forwarding a frame, the device first looks up the destination MAC address of the frame in the MAC

address table for a match. If the device finds an entry, it forwards the frame out of the outgoing port in

the entry. If the device does not find an entry, it broadcasts the frame out of all but the incoming port.
To view MAC address table information, use the display mac-address command as follows:

<Sysname> display mac-address

MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s)

000f-e201-0101 1 Learned GigabitEthernet1/0/1 AGING

--- 1 mac address(es) found ---

How a MAC address entry is created

The entries in the MAC address table originate from two sources: automatically learned by the device

and manually added by the administrator.

MAC address learning

The device can automatically populate its MAC address table by learning the source MAC addresses of

incoming frames on each port.
When a frame arrives at a port, Port A for example, the device performs the following tasks:

1.

Verifies the source MAC address (for example, MAC-SOURCE) of the frame.

2.

Looks up the source MAC address in the MAC address table.

3.

Updates an entry if it finds one. If the device does not find an entry, it adds an entry for
MAC-SOURCE and Port A.

The device performs the learning process each time it receives a frame from an unknown source MAC
address, until the MAC address table is fully populated.
After learning this source MAC address, when the device receives a frame destined for MAC-SOURCE,

the device finds the MAC-SOURCE entry in the MAC address table and forwards the frame out of Port A.

Manually configuring MAC address entries

With dynamic MAC address learning, a device does not distinguish between illegitimate and legitimate
frames, which can invite security hazards. For example, when a hacker sends frames with a forged

source MAC address to a port different from the one that the real MAC address is connected, the device

creates an entry for the forged MAC address, and forwards frames destined for the legal user to the

hacker instead.

Advertising
Popular Brands
Popular manuals