Displaying and maintaining mac address tables, Mac address table configuration example, Network requirements – H3C Technologies H3C SecBlade NetStream Cards User Manual

111

Displaying and maintaining MAC address tables

To do…

Use the command…

Remarks

Display MAC address table
information

display mac-address [ mac-address [ vlan vlan-id ] |
[ [ dynamic | static ] [ interface interface-type

interface-number ] | blackhole ] [ vlan vlan-id ]

[ count ] ]

Available in any view

Display the aging timer for
dynamic MAC address entries display mac-address aging-time

Available in any view

MAC address table configuration example

Network requirements

As shown in

Figure 36

:

•

The MAC address of Host A is 000f-e235-dc71 and belongs to VLAN 1. It is connected to
GigabitEthernet 0/2 of the device. To prevent MAC address spoofing, add a static entry for the host

in the MAC address table of the device.

•

The MAC address of Host B is 000f-e235-abcd and belongs to VLAN 1. For security, because this
host once behaved suspiciously on the network, add a destination blackhole MAC address entry for
the host MAC address, so that all packets destined for the host will be dropped.

•

Set the aging timer for dynamic MAC address entries to 500 seconds.

Figure 36 Network diagram for MAC address table configuration

Configuration procedure

# Add a static MAC address entry.

<SecBlade> system-view
[SecBlade] mac-address static 000f-e235-dc71 interface gigabitethernet 0/2 vlan 1

# Add a destination blackhole MAC address entry.

[SecBlade] mac-address blackhole 000f-e235-abcd vlan 1

# Set the aging timer for dynamic MAC address entries to 500 seconds.

[SecBlade] mac-address timer aging 500