Configuring the mac address table, Overview, How a mac address entry is created – H3C Technologies H3C S5560 Series Switches User Manual
Configuring the MAC address table
Overview
An Ethernet device uses a MAC address table to forward frames. A MAC address entry includes a
destination MAC address, an outgoing interface, and a VLAN ID. When the device receives a frame, it
uses the destination MAC address of the frame to look for a match in the MAC address table.
• The device forwards the frame out of the outgoing interface in the matching entry if a match is found.
• The device floods the frame in the VLAN of the frame if no match is found.
How a MAC address entry is created
The entries in the MAC address table include entries automatically learned by the device and entries
manually added.
MAC address learning
The device can automatically populate its MAC address table by learning the source MAC addresses of
incoming frames on each interface.
When a frame arrives at an interface (for example, port A), the device performs the following operations:
1. Checks the source MAC address (for example, MAC-SOURCE) of the frame.
2. Looks up the source MAC address in the MAC address table.
   ○ The device updates the entry if an entry is found.
   ○ The device adds an entry for MAC-SOURCE and port A if no entry is found.
3. When the device receives a frame destined for MAC-SOURCE after learning this source MAC address, the device performs the following operations:
   a. Finds the MAC-SOURCE entry in the MAC address table.
   b. Forwards the frame out of port A.
The device performs the learning process each time it receives a frame with an unknown source MAC
address until the table is fully populated.
Manually configuring MAC address entries
Dynamic MAC address learning does not distinguish between illegitimate and legitimate frames, which
can invite security hazards. When Host A is connected to port A, a MAC address entry will be learned
for the MAC address of Host A (for example, MAC A). When an illegal user sends frames with MAC A
as the source MAC address to port B, the device performs the following operations:
1. Learns a new MAC address entry with port B as the outgoing interface and overwrites the old entry for MAC A.
2. Forwards frames destined for MAC A out of port B to the illegal user.
As a result, the illegal user obtains the data of Host A. To improve the security for Host A, manually
configure a static entry to bind Host A to port A. Then, the frames destined for Host A are always sent out
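
The overwrite described in this section, and the effect of a static entry, can be reproduced in a small model. The following Python sketch is an added example, not H3C code or switch configuration; the class and function names, the MAC address and VLAN 10 are constructed for illustration, and the "rejected" event is this model's assumption about how a static binding resists learning.

```python
# Added illustration: a toy model of the MAC address table described above.
from dataclasses import dataclass

@dataclass
class Entry:
    port: str
    static: bool = False

class MacTable:
    def __init__(self):
        self.entries = {}   # (vlan, mac) -> Entry
        self.events = []    # MAC moves and rejected learns, for operator review

    def add_static(self, vlan, mac, port):
        """Manually bind a MAC address to a port; learning cannot overwrite it."""
        self.entries[(vlan, mac)] = Entry(port, static=True)

    def learn(self, vlan, src_mac, in_port):
        """Source-MAC learning performed for every incoming frame."""
        key = (vlan, src_mac)
        cur = self.entries.get(key)
        if cur is None:
            self.entries[key] = Entry(in_port)          # new dynamic entry
        elif cur.port != in_port:
            if cur.static:                              # assumption: static wins
                self.events.append(("rejected", src_mac, cur.port, in_port))
            else:                                       # dynamic entry overwritten
                self.events.append(("moved", src_mac, cur.port, in_port))
                cur.port = in_port

    def lookup(self, vlan, dst_mac):
        """Return the outgoing port, or 'flood' when no entry matches."""
        entry = self.entries.get((vlan, dst_mac))
        return entry.port if entry else "flood"

def run(bind_host_a):
    """Replay the scenario from the text; return (egress port for MAC A, events)."""
    mac_a, vlan = "00:00:5e:00:53:0a", 10     # constructed sample values
    table = MacTable()
    if bind_host_a:
        table.add_static(vlan, mac_a, "A")
    table.learn(vlan, mac_a, "A")             # Host A sends from port A
    table.learn(vlan, mac_a, "B")             # same source MAC arrives on port B
    return table.lookup(vlan, mac_a), table.events

if __name__ == "__main__":
    print("dynamic only:", run(bind_host_a=False))
    print("static entry:", run(bind_host_a=True))
```

The "moved" event in the dynamic-only run is the signal worth alerting on: a MAC address that changes ports without a corresponding physical move.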