R3204P16-HP Load Balancing Module Network Management Configuration Guide-6PW101
Table Of Contents
- Title page
- Contents
- Interface management configuration
- IP addressing configuration
- MAC address table configuration
- Layer 2 forwarding configuration
- Layer 2 forwarding overview
- Configuring general Layer 2 forwarding
- Configuring inline Layer 2 forwarding
- Configuring inter-VLAN Layer 2 forwarding
- Forward-type inline Layer 2 forwarding configuration example
- Blackhole-type inline Layer 2 forwarding configuration example
- Inter-VLAN Layer 2 forwarding configuration example
- VLAN configuration
- ARP configuration
- Gratuitous ARP configuration
- Proxy ARP configuration
- Layer 3 forwarding configuration
- NAT configuration
- Overview
- Configuring a NAT policy in the web interface
- Configuring NAT in the CLIs
- Configuration guidelines
- ALG configuration
- Static route configuration
- RIP configuration
- OSPF configuration
- BGP configuration
- Policy-based routing configuration
- Route displaying
- DNS configuration
- Overview
- Configuring DNS on the web interface
- Configuring DNS in the CLIs
- Troubleshooting IPv4 DNS configuration
- Support and other resources
- Index
27
Configuring the aging timer for dynamic MAC address entries
The MAC address table on your LB module uses an aging timer for dynamic MAC address entries for
security and efficient use of table space. If a dynamic MAC address entry has failed to update before the
aging timer expires, the LB module deletes the entry. This aging mechanism ensures that the MAC
address table could promptly updated to accommodate the latest network changes.
Set the aging timer appropriately. Too long an aging interval may cause the MAC address table to retain
outdated entries, exhaust the MAC address table resources, and fail to update its entries to
accommodate the latest network changes. Too short an interval may result in the removal of valid entries,
causing unnecessary broadcasts, which may affect device performance.
Follow these steps to configure the aging timer for dynamic MAC address entries:
To do… Use the command…
Remarks
Enter system view system-view —
Configure the aging timer for
dynamic MAC address entries
mac-address timer { aging
seconds | no-aging }
Optional
The no-aging keyword disables the aging
timer.
You can reduce broadcasts on a stable network by disabling the aging timer to prevent dynamic entries
from unnecessarily aging out. By reducing broadcasts, you improve not only network performance, but
also security, because the chances for a data packet to reach unintended destinations are reduced.
Displaying and maintaining MAC address tables
To do… Use the command…
Remarks
Display MAC address table
information
display mac-address [ mac-address [ vlan
vlan-id ] | [ [ dynamic | static ] [ interface
interface-type interface-number ] |
blackhole ] [ vlan vlan-id ] [ count ] ]
Available in any view
Display the aging timer for
dynamic MAC address entries
display mac-address aging-time Available in any view
MAC address table configuration example
Network requirements
• The MAC address of one host is 000f-e235-dc71 and belongs to VLAN 1. It is connected to
Ten-GigabitEthernet 0/0 of the LB module. To prevent MAC address spoofing, add a static entry for
the host in the MAC address table of the module.
• The MAC address of another host is 000f-e235-abcd and belongs to VLAN 1. For security, because
this host once behaved suspiciously on the network, add a destination blackhole MAC address
entry for the host MAC address, so that all packets destined for the host will be dropped.
• Set the aging timer for dynamic MAC address entries to 500 seconds.
Configuration procedure
# Add a static MAC address entry.
<Sysname> system-view
[Sysname] mac-address static 000f-e235-dc71 interface Ten-GigabitEthernet 0/0 vlan 1