The aging time for the secure dynamic MAC addresses learned by the interface is set.
By default, secure dynamic MAC addresses will not be aged out after the port security function
is enabled.
NOTE
Before setting the aging time of secure dynamic MAC addresses, you must enable port security.
----End
6.4.7 Checking the Configuration
Procedure
l Run the display current-configuration interface interface-type interface-number
command to check the configuration of an interface.
l Run the display mac-address command to check the secure dynamic MAC address entries
and sticky MAC address entries.
----End
Example
Run the display mac-address command to view the secure dynamic MAC address entries and
sticky MAC address entries.
<Huawei> display mac-address sticky
-------------------------------------------------------------------------------
MAC Address VLAN/Bridge Learned-From Type
-------------------------------------------------------------------------------
0000-1111-3333 2/- Eth0/0/2 sticky
-------------------------------------------------------------------------------
Total items displayed = 1
6.5 Configuring Limitation on MAC Address Learning
This section describes how to limit MAC learning based on interfaces and VLANs.
6.5.1 Establishing the Configuration Task
Applicable Environment
This function is applicable to networks that have fixed access users but are vulnerable to attacks
from hackers, for example, the network of a residential community or an intranet that lacks
security management.
Pre-configuration Tasks
None
Huawei AR3200 Series Enterprise Routers
Configuration Guide - LAN 6 MAC Address Table Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
165
To Next Page
Loading...
