How to configure CE series switches to ignore the destination MAC address of packets for Layer 3 forwarding

20

During network maintenance, traffic is often mirrored and then forwarded to a specific device for analysis. In most cases, a switch forwards only packets whose destination MAC address is the local Layer 3 interface's MAC address according to routes. The switch forwards other packets at Layer 2 or discards them. If necessary, the switch can also forward other packets at Layer 3 after it is configured to ignore the destination MAC address of packets. Only CE12800 and CE6870EI series switches support this configuration.
# Configure a switch to ignore the destination MAC address of packets.
system-view
[~HUAWEI] ip routing ignore-mac
[*HUAWEI] commit

Other related questions:
Are packets in a bridge group forwarded at Layer 2 or Layer 3
Packets in a bridge group are forwarded at Layer 2. Only interfaces supporting Layer 3 functions can be added to a bridge. Data in a bridge, however, is forwarded at Layer 2.

How to display the source and destination addresses of forwarded packets on S series switches
For S series switches (except the S1700), no command is available to display the source or destination addresses of the forwarded packets. If you want to obtain the addresses, use a tool to capture packets.

Do Ethernet interfaces on CE series switches support switching between Layer 2 and Layer 3 modes
Ethernet interfaces on all CE series switches, except the CE6810LI, support switching between Layer 2 and Layer 3 modes. By default, Ethernet interfaces on CE series switches work in Layer 2 mode. 1. Switching Layer 2 interface to Layer 3 mode: Run the undo portswitch command in the interface view to switch a Layer 2 interface to Layer 3 mode. Before switching, delete all non-default configurations from the interface. 2. Switching Layer 3 interface to Layer 2 mode: Run the portswitch command in the interface view to switch a Layer 3 interface to Layer 2 mode. Before switching, delete all Layer 3 service configurations from the interface.

Are the switch MAC address entries matching destination MAC addresses of packets aged out
In V100R005 and earlier versions, by default, MAC address entries are aged out no matter whether the entries match destination MAC addresses of packets. To resolve network problems, modify the V100R005SPH007 patch as follows: The aging time is recalculated for the MAC address entries to be aged out when the entries match destination MAC addresses of packets. In V100R006 and later versions, by default, the aging time is recalculated for the MAC address entries to be aged out when the entries match destination MAC addresses of packets. NOTE: This command is used only when one-way services are deployed on the network. Packets of two-way services are transmitted bidirectionally; therefore, dynamic MAC address entries match both the source MAC addresses and destination MAC addresses of packets and are not aged. When a user uses one-way services such as the on-demand service, packets are transmitted unidirectionally from the server to the user terminal. When the user terminal is shut down, the server still sends one-way packets. Therefore, the destination MAC address of the packets matches the MAC address entry and the MAC address is never aged out.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top