MAC Address Table

You can configure static MAC addresses for unicast traffic. This feature improves security and reduces unknown unicast flooding.

To configure Unicast Static MAC address, run the following:

Copy
Copied!
            

mac-address-table static unicast <destination mac address> vlan <vlan identifier(1-4094)> interface ethernet <slot>/<port>

For example:

Copy
Copied!
            

switch (config) # mac-address-table static 00:11:22:33:44:55 vlan 1 interface ethernet 1/1

MAC learning may be disabled using the command mac-learning disable which is beneficial in the following situations:

  • To prevent denial-of-service attacks

  • To manage the available MAC address table space by controlling which interfaces can learn MAC addresses

  • To duplicate to a dedicated server (port7 in the figure below) all the packets that one host (host1; port1) sends to another (host2; port2), like in port mirroring. To accomplish this, MAC learning is disabled on port2. In this case the FDB does not obtain the MAC address of host2. Also, to prevent broadcast to every port, it is possible to configure a VLAN (VLAN 80) which ports 1, 2 and 7 are member of.

MAC_Learning_Disable_Example_Case.png

mac-address-table aging-time

mac-address-table aging-time <age>
no mac-address-table aging-time

Sets the maximum age of a dynamically learnt entry in the MAC address table.
The no form of the command resets the aging time of the MAC address table to its default.

Syntax Description

age

10-1000000 seconds

Default

300

Configuration Mode

config

History

3.1.0600

Example

switch (config) # mac-address-table aging-time 50

Related Commands

show mac-address-table
show mac-address-table aging time

Notes

mac-address-table static

mac-address-table static <mac address> vlan <vlan> interface <if-type> <if-number>
no mac-address-table static <mac address> vlan <vlan> interface <if-type> <if-number>

Configures a static MAC address in the forwarding database.
The no form of the command deletes a configured static MAC address from the forwarding database.

Syntax Description

mac address

Destination MAC address

vlan

VLAN ID or VLAN range

if-type

Ethernet or port-channel interface type

if-number

Interface number (i.e. 1/1, 3)

Default

No static MAC addresses available in default

Configuration Mode

config

History

3.1.0600

Example

switch (config) # mac-address-table static aa:aa:aa:aa:aa:aa vlan 1 interface ethernet 1/7

Related Commands

show mac-address-table
mac-address-table aging time

Notes

The no form of the command will not clear a dynamic MAC address. Dynamic MAC addresses are cleared using the “clear mac-address-table dynamic” command.

mac-learning disable

mac-learning disable
no mac-learning disable

Disables MAC-address learning.
The no form of the command enables MAC-address learning.

Syntax Description

N/A

Default

Enabled

Configuration Mode

config interface ethernet
config interface port-channel

History

3.1.0600

Example

switch (config interface ethernet 1/1) # mac-learning disable

Related Commands

Notes

  • When adding a port to a LAG, the port needs to be aligned with the LAG’s configuration

  • When removing a port from a LAG, the port remains in whichever configuration the LAG is in

  • Disabling MAC learning is not supported on a local analyzer port.

  • Disabling MAC learning is not supported on an IPL LAG.

clear mac-address-table dynamic

clear mac-address-table dynamic

Clear the dynamic entries in the MAC address table.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

3.1.0600

Example

switch (config) # clear mac-address-table dynamic

Related Commands

mac-address-table aging-time
mac-address-table static
show mac-address-table

Notes

This command does not clear the MAC addresses learned on the mgmt0 port. Static entries are deleted using the “no mac-address-table static” command.

show mac-address-table

show mac-address-table [address <mac-address> | <if-number> | vlan [<vlan> | range <range>] | unicast]

Displays the static and dynamic unicast and multicast MAC addresses for the switch. Various of filter options available.

Syntax Description

mac-address

Filters the table to a specific MAC address.

if-number

Filters the table to a specific interface.

vlan

Filters the table to a specific VLAN number (1-4094).

range

Filters the table to a range of VLANs.

unicast

Filters the table to a unicast addresses only.

Default

N/A

Configuration Mode

Any command mode

History

3.1.0600

3.3.4500

Updated example

3.8.1000

Updated syntax & example

Example

switch (config) # show mac-address-table

Switch ethernet-default

Vlan Mac Address Type Interface
---- ----------- ---- ------------
1 00:00:00:00:00:01 Static Po5
1 00:00:3d:5c:fe:16 Dynamic Eth1/1
1 00:00:3d:5d:fe:1b Dynamic Eth1/2
Number of unicast: 2

switch (config) # show mac-address-table unicast
-----------------------------------------------------------
Vlan Mac Address Type Port\Next Hop
-----------------------------------------------------------
1 24:8a:07:2e:61:72 Dynamic Eth1/31
6 00:00:11:22:33:44 Static 192.168.2.2(nve1)
6 00:00:66:77:88:99 Static 192.168.2.2(nve1)

Related Commands

mac-address-table static
clear mac-address-table

Notes

show mac-address-table aging-time

show mac-address-table aging-time

Displays the MAC address table aging time.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.1.0600

Example

switch (config) # show mac-address-table aging-time

Mac Address Aging Time: 300

Related Commands

mac-address-table aging-time
mac-address-table static
clear mac-address-table

Notes

MAC addresses learned on the mgmt0 is not shown by this command.

show mac-address-table interface

show mac-address-table interface [port-channel | mlag-port-channel <if>]

Displays the MAC address table of a LAG or an MPO.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.6.4006

Example

switch (config) # show mac-address-table
---------------------------------------------------
Vlan Mac Address Type Port
---------------------------------------------------
1 E4:1D:2D:37:11:22 Static Eth1/1
1 E4:1D:2D:37:3E:11 Static Po5
Number of unicast: 2
Number of multicast: 0
switch (config) # show mac-address-table interface port-channel 5
---------------------------------------------------
Vlan Mac Address Type Port
---------------------------------------------------
1 E4:1D:2D:37:3E:11 Static Po5
Number of unicast: 1
Number of multicast: 0

Related Commands

mac-address-table static
clear mac-address-table

Notes

show mac-address-table interface nve

show mac-address-table interface nve <nve-id>

Displays MAC address table on specific NVE interface.

Syntax Description

nve-id

NVE ID

Default

N/A

Configuration Mode

Any command mode

History

3.8.1000

Example

switch (config) # show mac-address-table interface nve 1
-----------------------------------------------------
Vlan Mac Address Type Port\Next Hop
-----------------------------------------------------
60 E4:1D:2D:37:11:22 Dynamic
Number of unicast(local): 1
Number of NVE: 1

Related Commands

protocol nve
mac-address-table static
clear mac-address-table

Notes

This command is not supported if NVE is not enabled.

show mac-address-table summary

show mac-address-table summary

Displays total number of unicast/multicast MAC address entries.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.6.2002

3.8.1000

Updated example

Example

switch (config) # show mac-address-table summary
Number of unicast(local): 4
Number of NVE: 2

Related Commands

mac-address-table static
clear mac-address-table

Notes

© Copyright 2023, NVIDIA. Last updated on Sep 9, 2023.