Displaying and maintaining the mac address table, Mac address table configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 79: Configuration procedure
54
Displaying and maintaining the MAC address table
Task Command
Remarks
Display MAC address table
information.
display mac-address [ mac-address [ vlan vlan-id ] |
[ [ dynamic | static ] [ interface interface-type
interface-number ] | blackhole ] [ vlan vlan-id ]
[ count ] ] [ | { begin | exclude | include }
regular-expression ]
Available in any view
Display the aging timer for
dynamic MAC address
entries.
display mac-address aging-time [ | { begin |
exclude | include } regular-expression ]
Available in any view
MAC address table configuration example
Network requirements
, Host A (000f-e235-dc71) belongs to VLAN 1, and is connected to
GigabitEthernet 0/1 of SecPath; Host B (000f-e235-abcd), which once behaved suspiciously on the
network, belongs to VLAN 1.
To prevent MAC address spoofing, add a static entry for Host A in the MAC address table of the SecPath
firewall.
For security, add a destination blackhole MAC address entry for Host B’s MAC address, so that all
packets destined for Host B will be dropped.
Set the aging timer for dynamic MAC address entries to 500 seconds.
Figure 38 Network diagram
Configuration procedure
# Add a static MAC address entry.
[Sysname] mac-address static 000f-e235-dc71 interface gigabitethernet 0/1 vlan 1
# Add a destination blackhole MAC address entry.
[Sysname] mac-address blackhole 000f-e235-abcd vlan 1
# Set the aging timer for dynamic MAC address entries to 500 seconds.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer