F3215-HP Load Balancing Module Network Management Configuration Guide-6PW101
35
MAC address table configuration example
Network requirements
As shown in Figure 20:
• The MAC address of Host A is 000f-e235-dc71 and belongs to VLAN 1. It is connected to
GigabitEthernet 0/1 of the device. To prevent MAC address spoofing, add a static entry for the host
in the MAC address table of the device.
• The MAC address of Host B is 000f-e235-abcd and belongs to VLAN 1. For security, because this
host once behaved suspiciously on the network, add a destination blackhole MAC address entry for
the host MAC address, so all packets destined for the host are dropped.
• Set the aging timer for dynamic MAC address entries to 500 seconds.
Figure 20 Network diagram
Configuration procedure
# Add a static MAC address entry.
<LB> system-view
[LB] mac-address static 000f-e235-dc71 interface gigabitethernet 0/1 vlan 1
# Add a destination blackhole MAC address entry.
[LB] mac-address blackhole 000f-e235-abcd vlan 1
# Set the aging timer for dynamic MAC address entries to 500 seconds.
[LB] mac-address timer aging 500
# Display the MAC address entry for port GigabitEthernet 0/1.
[LB] display mac-address interface gigabitethernet 0/1
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s)
000f-e235-dc71 1 Config static GigabitEthernet 0/1 NOAGED
--- 1 mac address(es) found ---
# Display information about the destination blackhole MAC address table.
[LB] display mac-address blackhole
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s)
000f-e235-abcd 1 Blackhole N/A NOAGED
--- 1 mac address(es) found ---