Figure 1-1 Aging of MAC addresses
Port3
Port1
Port2
MAC Address
Port
MAC1 Port1
MAC2 Port2
MAC3 Port3
VLANID
10
10
10
PC1
PC2
PC3
Swtich
MAC3 MAC1 VLAN10 Type Data
M
A
C
3
M
A
C
1
V
L
A
N
1
0
T
y
p
e
D
a
t
a
As shown in the preceding figure, the aging time of MAC addresses is set to T. At t
1
, packets
with the source MAC address 00e0-fc00-0001 and VLAN ID 1 reach an interface. Assume that
the interface is added to VLAN 1. If no entry with the MAC address as 00e0-fc00-0001 and the
VLAN ID as 1 exists in the MAC address table, the MAC address is added to the MAC address
table as a dynamic MAC address entry and the flag of the matching entry is set to 1.
The switch checks all learned dynamic MAC address entries at an interval of T. For example,
at t
2
, if the switch discovers that the flag of the matching dynamic MAC address entry with the
MAC address as 00e0-fc00-0001 and the VLAN ID as 1 is 1, the flag of the matching MAC
address entry is set to 0 and the MAC address entry is not deleted. If packets with the source
MAC address as 00e0-fc00-0001 and the VLAN ID as 1 enter the switch between t
2
and t
3
, the
flag of the matching MAC address entry is set to 1 again. If no packet with the source MAC
address as 00e0-fc00-0001 and the VLAN ID as 1 enters the switch between t
2
and t
3
, the flag
of the matching MAC address entry is always 0. At t
3
, after discovering that the flag of the
matching MAC address entry is 0, the switch assumes that the aging time of the MAC address
entry expires and deletes the MAC address entry.
As stated above, the minimum holdtime of a dynamic MAC address entry in the MAC address
table ranges from the aging time T to 2 T configured on the switch through automatic aging.
The aging time of MAC addresses is configurable. By setting the aging time of MAC addresses,
you can flexibly control the holdtime of learned dynamic MAC address entries in the MAC
address table.
1.2.2 Disabling MAC Address Learning and Limiting the Number
of MAC Addresses
The capacity of a MAC address table is limited. Therefore, when hackers forge a large quantity
of packets with different source MAC addresses and send the packets to a device, the MAC
address table of the device may reach its full capacity. When the MAC address table is full, the
device cannot learn source MAC addresses of valid packets.
A device limits the number of learned MAC addresses in one of the following modes:
Huawei AR530&AR550 Series Industrial Switch Routers
Configuration Guide - Ethernet Switching
1 MAC Address Table Configuration
Issue 01 (2014-11-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
4
To Next Page
Loading...
