H3C Technologies H3C SecPath F1000-E User Manual

Page 78

Advertising
background image

53

Adding or modifying a MAC address table entry in system view

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Add or modify a

dynamic or static MAC
address entry.

mac-address { dynamic | static } mac-address
interface interface-type interface-number vlan

vlan-id

Use either command.
Make sure that you have
created the VLAN and

assigned the interface to

the VLAN.

3.

Add or modify a
blackhole MAC address

entry.

mac-address blackhole mac-address vlan vlan-id

Adding or modifying a MAC address table entry on an interface

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter Layer 2 Ethernet or
aggregate interface view.

interface interface-type
interface-number

N/A

3.

Add or modify a static or

dynamic MAC address entry.

mac-address { dynamic | static }
mac-address vlan vlan-id

Make sure that you have created
the VLAN and assigned the
interface to the VLAN.

Configuring the aging timer for dynamic MAC address entries

The MAC address table uses an aging timer for dynamic MAC address entries for security and efficient
use of table space. If a dynamic MAC address entry has failed to update before the aging timer expires,

the device deletes the entry. This aging mechanism ensures that the MAC address table could promptly

update to accommodate latest network changes.
Set the aging timer appropriately. Too long am aging interval may cause the MAC address table to
retain outdated entries, exhaust the MAC address table resources, and fail to update its entries to

accommodate the latest network changes. Too short an interval may result in removal of valid entries,

causing unnecessary broadcasts, which may affect device performance.
To configure the aging timer for dynamic MAC address entries:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Configure the aging timer for
dynamic MAC address

entries.

mac-address timer { aging seconds
| no-aging }

Optional.
300 seconds by default.

You can reduce broadcasts on a stable network by disabling the aging timer to prevent dynamic entries
from unnecessarily aging out. By reducing broadcasts, you improve not only network performance, but

also security, because the chances for a data packet to reach unintended destinations are reduced.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS, H3C SecBlade LB Cards, H3C SecPath L1000-A Load Balancer

Popular Brands
Popular manuals