Configuring the mac address table, Overview, How a mac address entry is created – H3C Technologies H3C S12500-X Series Switches User Manual
Page 31: Mac address learning, Manually configuring mac address entries, Types of mac address entries, Configuring a loopback interface
20
Configuring the MAC address table
Overview
An Ethernet device uses a MAC address table to forward frames. A MAC address entry contains a
destination MAC address, an outgoing interface, and a VLAN ID. Upon receiving a frame, the device
uses the destination MAC address of the frame to look for a match in the MAC address table. If a match
is found, the device forwards the frame out of the outgoing interface in the matching entry. If no match
is found, the device floods the frame to all interfaces in the same VLAN as the incoming interface.
How a MAC address entry is created
The entries in the MAC address table originate from two sources: automatically learned by the device
and manually added by the administrator.
MAC address learning
The device can automatically populate its MAC address table by learning the source MAC addresses of
incoming frames on each interface.
When a frame arrives at an interface (for example, Port A), the device performs the following tasks:
1.
Checks the source MAC address (for example, MAC-SOURCE) of the frame.
2.
Looks up the source MAC address in the MAC address table.
{
If an entry is found, the device updates the entry.
{
If no entry is found, the device adds an entry for MAC-SOURCE and Port A.
3.
When the device receives a frame destined for MAC-SOURCE after learning this source MAC
address, the device finds the MAC-SOURCE entry in the MAC address table and forwards the
frame out of Port A.
The device performs the learning process each time it receives a frame from an unknown source MAC
address until the MAC address table is fully populated.
Manually configuring MAC address entries
With dynamic MAC address learning, a device does not distinguish between illegitimate and legitimate
frames, which can invite security hazards. For example, when an illegal user sends frames with a forged
source MAC address to an interface different from the one where the real MAC address is associated, the
device creates an entry for the forged MAC address, and forwards frames destined for the legal user to
the illegal user instead.
To improve interface security and prevent illegal users from stealing data, you can manually add MAC
address entries to the MAC address table of the device to bind specific user devices to the interface.
Types of MAC address entries
A MAC address table can contain the following types of entries: