Manual

ManualsBrandsQTECH ManualsAccessories communicationQSW-3400 Инструкция по настройке

341

342

343

344

345

346

347

348

349

350

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

341

ARP list entries of the switch, causing successful DOS attacks.

To summer up, it is very meaningful to develop the number limitation function of MAC and IP

in port, VLAN. Switch can control the number of MAC address of ports and the number ARP,

ND list entry of ports and VLAN through configuration commands.

Limiting the number of dynamic MACand IP of ports:

1. Limiting the number of dynamic MAC. If the number of dynamically learnt MAC address by

the switch is already larger than or equal with the max number of dynamic MAC address,

then shutdown the MAC study function on this port, otherwise, the port can continue its

study.

2. Limiting the number of dynamic IP. If the number of dynamically learnt ARP and ND by the

switch is already larger than or equal with the max number of dynamic ARP and ND, then

shutdown the ARP and ND study function of this port, otherwise, the port can continue its

study.

Limiting the number of MAC, ARP and ND of interfaces:

1. Limiting the number of dynamic MAC. If the number of dynamically learnt MAC address by

the VLAN of the switch is already larger than or equal with the max number of dynamic

MAC address, then shutdown the MAC study function of all the ports in this VLAN,

otherwise, all the ports in this VLAN can continue their study (except special ports).

2. Limiting the number of dynamic IP. If the number of dynamically learnt ARP and ND by the

switch is already larger than or equal with the max number of dynamic ARP and ND, then

the VLAN will not study any new ARP or ND, otherwise, the study can be continued.

41.2 The Number Limitation Function of MAC and IP in Port, VLAN

Configuration Task Sequence

1. Enable the number limitation function of MAC and IP on ports

2. Enable the number limitation function of MAC and IP in VLAN

3. Configure the timeout value of querying dynamic MAC

4. Configure the violation mode of ports

5. Display and debug the relative information of number limitation of MAC and IP on ports

1. Enable the number limitation function of MAC and IP on ports

Command

Explanation

Port configuration mode

switchport mac-address dynamic maximum

<value>

no switchport mac-address dynamic

maximum

Enable and disable the number limitation

function of MAC on the ports.