Disabling mac address learning for a vlan, Disabling mac address learning for a vlan -7 – H3C Technologies H3C WX3000 Series Unified Switches User Manual
Page 168
21-7
dynamically maintain. When the number of the MAC address entries learnt from a port reaches the set
value, the port stops learning MAC addresses.
Follow these steps to set the maximum number of MAC addresses a port can learn:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter Ethernet port view
interface interface-type
interface-number
—
Set the maximum number of MAC
addresses the port can learn
mac-address max-mac-count
count
Required
By default, the number of the MAC
addresses a port can learn is not
limited.
Specifying the maximum number of MAC addresses a port can learn disables centralized MAC address
authentication and port security on the port. On the other hand, if you enable centralized MAC address
authentication and port security on a port, you cannot specify the maximum number of MAC addresses
the port can learn.
Disabling MAC Address learning for a VLAN
You can disable a switch from learning MAC addresses in specific VLANs to improve stability and
security for the users belong to these VLANs and prevent unauthorized accesses.
Follow these steps to disable MAC address learning for a VLAN:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter VLAN view
vlan
vlan-id —
Disable the switch from learning
MAC addresses in the VLAN
mac-address max-mac-count
0
Required
By default, the device learns MAC
addresses in every VLAN.
z
If the VLAN is configured as a remote probe VLAN used by port mirroring, you can not disable MAC
address learning of this VLAN. Similarly, after you disable MAC address learning, this VLAN can
not be configured as a remote probe VLAN.
z
Disabling the MAC address learning function of a VLAN takes no effect on enabling the centralized
MAC address authentication on the ports that belong to the VLAN.