Displaying and maintaining the mac address table, Mac address table configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

54

Displaying and maintaining the MAC address table

Task Command

Remarks

Display MAC address table
information.

display mac-address [ mac-address [ vlan vlan-id ] |
[ [ dynamic | static ] [ interface interface-type

interface-number ] | blackhole ] [ vlan vlan-id ]
[ count ] ] [ | { begin | exclude | include }

regular-expression ]

Available in any view

Display the aging timer for
dynamic MAC address

entries.

display mac-address aging-time [ | { begin |
exclude | include } regular-expression ]

Available in any view

MAC address table configuration example

Network requirements

As shown in

Figure 38

, Host A (000f-e235-dc71) belongs to VLAN 1, and is connected to

GigabitEthernet 0/1 of SecPath; Host B (000f-e235-abcd), which once behaved suspiciously on the

network, belongs to VLAN 1.
To prevent MAC address spoofing, add a static entry for Host A in the MAC address table of the SecPath

firewall.
For security, add a destination blackhole MAC address entry for Host B’s MAC address, so that all

packets destined for Host B will be dropped.
Set the aging timer for dynamic MAC address entries to 500 seconds.

Figure 38 Network diagram

Configuration procedure

# Add a static MAC address entry.

<Sysname> system-view

[Sysname] mac-address static 000f-e235-dc71 interface gigabitethernet 0/1 vlan 1

# Add a destination blackhole MAC address entry.

[Sysname] mac-address blackhole 000f-e235-abcd vlan 1

# Set the aging timer for dynamic MAC address entries to 500 seconds.