How does an MFF-enabled switch process gateway MAC address changes

25

If MFF gateway detection is enabled on a switch, the switch detects gateway MAC address changes and updates the gateway MAC address entries. In this way, user services are not interrupted. However, if MFF gateway detection is disabled, the switch does not update the gateway MAC address entries and user traffic may be interrupted. To detect gateway MAC address changes, enable MFF gateway detection on the switch.

Other related questions:
How does an MFF-enabled switch process ARP requests from the network side
When receiving an ARP Request packet, an MFF-enabled switch checks the destination IP address in the packet against the DHCP snooping binding table. If the destination IP address in the packet matches an entry in the DHCP snooping binding table, the switch functions as a DHCP client to response to the request; otherwise, the ARP Request packet is sent to other network-side interfaces. A DHCP client may not send a DHCP Release message when going offline; therefore, association between ARP and DHCP snooping may be enabled on the upstream gateway device. In this case, if MFF is enabled on the switch, the probe packet sent by the gateway cannot reach the destination because ARP proxy is enabled on the switch. On switches of V100R006 and later version, run the mac-forced-forwarding user-detect transparent command in the VLAN view to solve this problem.

How does an S series switch process ARP and MAC address entries when the STP topology changes
When the STP topology changes, an S series switch (except the S1700) processes ARP and MAC address entries as follows: 1. By default, all ports enter the Discarding state after STP is enabled. When the STP topology changes, dynamic ARP entries and MAC addresses on all ports are deleted. 2. When a port enters the Discarding state during normal running of the system, dynamic ARP and MAC address entries on the port are deleted. In addition, the device sends a TC packet to the upstream device, requesting it to delete the dynamic ARP and MAC address entries. When the root node receives the TC packet, the topology of the entire network converges.

How to solve MAC address flapping on S series switch
Firstly, check whether a loop occurs on the network. Secondly, use one of the following methods to prevent MAC address flapping: 1. Run the mac-address static mac-address command in the system view to configure static MAC addresses on an interface. 2. Configure the MAC address learning priority on an interface. That is, run the mac-learning priority priority-id command in the interface view on modular switches or S5720HI, S6720EI, and S5720EI fixed switches or run the mac-spoofing-defend enable command in the interface view on S5700LI, S5700S-LI, S5710-X-LI, S2750EI, S5720S-SI, and S5720SI fixed switches. After different MAC address learning priorities are configured for interfaces, only the MAC address entry learned by a high-priority interface can overwrite that learned by a low-priority interface if different interfaces have learned the same MAC address entry. This prevents MAC address flapping. Note that SA cards of modular switches do not support the MAC address learning priority configuration. You can run the undo mac-learning priority priority-id allow-flapping command in the system view to prohibit MAC address flapping between interfaces with the same priority.

How is an S series switch process the Query message with the destination MAC address as the unicast MAC address
After Layer 2 multicast is enabled on a switch, the switch checks the destination MAC addresses of received IGMP messages. If the destination MAC address of a packet does not match its destination IP address, the switch drops the packet. Therefore, when the switch receives IGMP Query messages with unicast destination MAC addresses, it drops the messages. As a result, user hosts cannot receive the Query messages, and multicast forwarding entries on the switch cannot be updated. Then multicast forwarding is interrupted. When the switch connects to an ME60 and the ME60 performs multicast replication on a per user basis, IGMP Query messages sent from the ME60 uses user MAC addresses as destination MAC addresses. The switch drops these IGMP Query messages. In this case, modify the configuration on the ME60 to ensure that the IGMP Query messages sent from the ME60 use destination MAC addresses mapping their destination IP addresses. Then the switch can generate a router port when receiving the Query messages and forward the Query message to user hosts.

How do I change the MAC address of an AR
To change the MAC address of an AR, use the following method. Run the set system-mac command in the diagnostic view. For example, # Change the default MAC address to 00e0-0987-7890. [Huawei] diagnose [Huawei-diagnose] set system-mac default 00e0-0987-7890 Info: The public mac-address set pass. Note: A MAC address is globally unique. Do not change the MAC address of an AR in normal situations. When configuring a MAC address, note the following points: - The MAC address cannot be all 0s or all 1s. - The multicast MAC address cannot be configured. - If a device supports multiple MAC addresses, the last four bits of the MAC address must be all 0s.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top