MAC Address Table
You can configure static MAC addresses for unicast traffic. This feature improves security and reduces unknown unicast flooding.
To configure Unicast Static MAC address, run the following:
mac-address-table static
unicast <destination mac address> vlan <vlan identifier(1
-4094
)> interface
ethernet <slot>/<port>
For example:
switch
(config) # mac-address-table static
00
:11
:22
:33
:44
:55
vlan 1
interface
ethernet 1
/1
MAC learning may be disabled using the command mac-learning disable which is beneficial in the following situations:
To prevent denial-of-service attacks
To manage the available MAC address table space by controlling which interfaces can learn MAC addresses
To duplicate to a dedicated server (port7 in the figure below) all the packets that one host (host1; port1) sends to another (host2; port2), like in port mirroring. To accomplish this, MAC learning is disabled on port2. In this case the FDB does not obtain the MAC address of host2. Also, to prevent broadcast to every port, it is possible to configure a VLAN (VLAN 80) which ports 1, 2 and 7 are member of.
mac-address-table aging-time
mac-address-table aging-time <age> no mac-address-table aging-time Sets the maximum age of a dynamically learnt entry in the MAC address table. The no form of the command resets the aging time of the MAC address table to its default. |
||
Syntax Description |
age |
10-1000000 seconds |
Default |
300 |
|
Configuration Mode |
config |
|
History |
3.1.0600 |
|
Example |
switch (config) # mac-address-table aging-time 50 |
|
Related Commands |
show mac-address-table show mac-address-table aging time |
|
Notes |
mac-address-table static
mac-address-table static <mac address> vlan <vlan> interface <if-type> <if-number> no mac-address-table static <mac address> vlan <vlan> interface <if-type> <if-number> Configures a static MAC address in the forwarding database. The no form of the command deletes a configured static MAC address from the forwarding database. |
||
Syntax Description |
mac address |
Destination MAC address |
vlan |
VLAN ID or VLAN range |
|
if-type |
Ethernet or port-channel interface type |
|
if-number |
Interface number (i.e. 1/1, 3) |
|
Default |
No static MAC addresses available in default |
|
Configuration Mode |
config |
|
History |
3.1.0600 |
|
Example |
switch (config) # mac-address-table static aa:aa:aa:aa:aa:aa vlan 1 interface ethernet 1/7 |
|
Related Commands |
show mac-address-table mac-address-table aging time |
|
Notes |
The no form of the command will not clear a dynamic MAC address. Dynamic MAC addresses are cleared using the “clear mac-address-table dynamic” command. |
mac-learning disable
mac-learning disable no mac-learning disable Disables MAC-address learning. The no form of the command enables MAC-address learning. |
||
Syntax Description |
N/A |
|
Default |
Enabled |
|
Configuration Mode |
config interface ethernet config interface port-channel |
|
History |
3.1.0600 |
|
Example |
switch (config interface ethernet 1/1) # mac-learning disable |
|
Related Commands |
||
Notes |
|
clear mac-address-table dynamic
clear mac-address-table dynamic Clear the dynamic entries in the MAC address table. |
||
Syntax Description |
N/A |
|
Default |
N/A |
|
Configuration Mode |
config |
|
History |
3.1.0600 |
|
Example |
switch (config) # clear mac-address-table dynamic |
|
Related Commands |
mac-address-table aging-time mac-address-table static show mac-address-table |
|
Notes |
This command does not clear the MAC addresses learned on the mgmt0 port. Static entries are deleted using the “no mac-address-table static” command. |
show mac-address-table
show mac-address-table [address <mac-address> | <if-number> | vlan [<vlan> | range <range>] | unicast] Displays the static and dynamic unicast and multicast MAC addresses for the switch. Various of filter options available. |
||
Syntax Description |
mac-address |
Filters the table to a specific MAC address. |
if-number |
Filters the table to a specific interface. |
|
vlan |
Filters the table to a specific VLAN number (1-4094). |
|
range |
Filters the table to a range of VLANs. |
|
unicast |
Filters the table to a unicast addresses only. |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.1.0600 |
|
3.3.4500 |
Updated example |
|
3.8.1000 |
Updated syntax & example |
|
Example |
switch (config) # show mac-address-table switch (config) # show mac-address-table unicast |
|
Related Commands |
mac-address-table static clear mac-address-table |
|
Notes |
show mac-address-table aging-time
show mac-address-table aging-time Displays the MAC address table aging time. |
||
Syntax Description |
N/A |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.1.0600 |
|
Example |
switch (config) # show mac-address-table aging-time |
|
Related Commands |
mac-address-table aging-time mac-address-table static clear mac-address-table |
|
Notes |
MAC addresses learned on the mgmt0 is not shown by this command. |
show mac-address-table interface
show mac-address-table interface [port-channel | mlag-port-channel <if>] Displays the MAC address table of a LAG or an MPO. |
||
Syntax Description |
N/A |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.6.4006 |
|
Example |
switch (config) # show mac-address-table Number of unicast: 2 switch (config) # show mac-address-table interface port-channel 5 Number of unicast: 1 |
|
Related Commands |
mac-address-table static clear mac-address-table |
|
Notes |
show mac-address-table interface nve
show mac-address-table interface nve <nve-id> Displays MAC address table on specific NVE interface. |
||
Syntax Description |
nve-id |
NVE ID |
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.8.1000 |
|
Example |
switch (config) # show mac-address-table interface nve 1 |
|
Related Commands |
protocol nve mac-address-table static clear mac-address-table |
|
Notes |
This command is not supported if NVE is not enabled. |
show mac-address-table summary
show mac-address-table summary Displays total number of unicast/multicast MAC address entries. |
||
Syntax Description |
N/A |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.6.2002 |
|
3.8.1000 |
Updated example |
|
Example |
switch (config) # show mac-address-table summary |
|
Related Commands |
mac-address-table static clear mac-address-table |
|
Notes |