HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

Ste

Command

Remarks

3. Add or modify a static or

dynamic MAC address entry.

mac-address { dynamic |

static } mac-address vlan

vlan-id

By default, no MAC address entry is

configured.

Make sure you have created the VLAN

and assigned the interface to the VLAN.

Configuring a destination blackhole MAC address entry

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Add or modify a

destination blackhole

MAC address entry.

mac-address blackhole mac-address

vlan vlan-id

By default, no MAC address entry is

configured.

Make sure you have created the VLAN

and assigned the interface to the VLAN.

Configuring the aging timer for dynamic MAC address entries

The MAC address table uses an aging timer for dynamic MAC address entries for security and efficient

use of table space. If a dynamic MAC address entry has failed to update before the aging timer expires,

the device deletes that entry. This aging mechanism makes sure the MAC address table can promptly

update to accommodate the latest network changes.

Set the aging timer appropriately. Too long an aging interval might cause the MAC address table to

retain outdated entries, exhaust the MAC address table resources, and fail to update its entries to

accommodate the latest network changes. Too short an interval might result in removal of valid entries,

causing unnecessary floods, which could affect device performance.

To configure the aging timer for dynamic MAC address entries:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Configure the aging timer for

dynamic MAC address

entries.

mac-address timer

{ aging seconds |

no-aging }

Optional.

The default aging timer is 300 seconds.

The no-aging keyword disables the aging timer.

The value range for the seconds argument varies

by device model. For information about the

value range and hardware compatibility, see

Network Management Command Reference.

You can reduce floods on a stable network by disabling the aging timer to prevent dynamic entries from

unnecessarily aging out. By reducing floods, you improve not only network performance, but also

security, because you reduce the chances that a data packet will reach unintended destinations.

Configuring the MAC learning limit on an interface

The following matrix shows the feature and hardware compatibility: