Configuring the mac address table, Overview, How a mac address entry is created – H3C Technologies H3C WX5500E Series Access Controllers User Manual

158

Configuring the MAC address table

MAC address configurations related to interfaces apply to Layer 2 Ethernet interfaces and Layer 2

aggregate interfaces only.
This document covers only the configuration of unicast MAC address entries, including static, dynamic,
and destination blackhole entries.

Overview

To reduce single-destination packet flooding in a switched LAN, an Ethernet device uses a MAC address

table for forwarding frames. This table describes from which port a MAC address (or host) can be
reached. When forwarding a single-destination frame, the device first looks up the destination MAC

address of the frame in the MAC address table for a match. If the device finds an entry, it forwards the

frame out of the outgoing port in the entry. If the device does not find an entry, it floods the frame out of

all but the incoming port.

How a MAC address entry is created

The device automatically learns entries in the MAC address table, or you can add them manually.

MAC address learning

The device can automatically populate its MAC address table by learning the source MAC addresses of
incoming frames on each port.
When a frame arrives at a port, Port A, for example, the device performs the following tasks:

•

Verifies the source MAC address (for example, MAC-SOURCE) of the frame.

•

Looks up the source MAC address in the MAC address table.

•

Updates an entry if it finds one. If the device does not find an entry, it adds an entry for
MAC-SOURCE and Port A.

The device performs this learning process each time it receives a frame from an unknown source MAC

address, until the MAC address table is fully populated.
After learning a source MAC address, when the device receives a frame destined for MAC-SOURCE, the

device finds the MAC-SOURCE entry in the MAC address table and forwards the frame out Port A.
To adapt to network changes and prevent inactive entries from occupying table space, an aging

mechanism is adopted for dynamic MAC address entries. Each time a dynamic MAC address entry is
learned or created, an aging timer starts. If the entry has not updated when the aging timer expires, the

device deletes the entry. If the entry has updated before the aging timer expires, the aging timer restarts.

Manually configuring MAC address entries

With dynamic MAC address learning, a device does not distinguish between illegitimate and legitimate

frames. For example, when a hacker sends frames with a forged source MAC address to a port different
from the one to which the real MAC address is connected, the device creates an entry for the forged

MAC address, and forwards frames destined for the legal user to the hacker instead.