Which MAC addresses do not age

6

Static media access control (MAC) addresses and blackhole MAC addresses.

Other related questions:
Which MAC addresses do not age
Static media access control (MAC) addresses and blackhole MAC addresses.

How to check and configure the MAC address aging time on an S series switch
For S series switches (except the S1700), configure the MAC address aging time as follows:
[HUAWEI] mac-address aging-time 500 //Set the MAC address aging time to 500s.

Check the MAC address aging time as follows:
<HUAWEI> display mac-address aging-time
  Aging time:300 second(s)     //The current aging time is 300s.

Why secure MAC addresses are not aged when the aging time arrives
The secure MAC address aging time is related to the global aging time of dynamic MAC addresses, and depends on the MAC address traffic match flag bit that is updated after the dynamic MAC addresses are globally aged out. That is, after the secure MAC address aging time arrives, the system checks whether the MAC address flag bit is cleared. If it is not cleared, the secure MAC address is not aged out.

Are the switch MAC address entries matching destination MAC addresses of packets aged out
In V100R005 and earlier versions, by default, MAC address entries are aged out no matter whether the entries match destination MAC addresses of packets. To resolve network problems, modify the V100R005SPH007 patch as follows: The aging time is recalculated for the MAC address entries to be aged out when the entries match destination MAC addresses of packets. In V100R006 and later versions, by default, the aging time is recalculated for the MAC address entries to be aged out when the entries match destination MAC addresses of packets. NOTE: This command is used only when one-way services are deployed on the network. Packets of two-way services are transmitted bidirectionally; therefore, dynamic MAC address entries match both the source MAC addresses and destination MAC addresses of packets and are not aged. When a user uses one-way services such as the on-demand service, packets are transmitted unidirectionally from the server to the user terminal. When the user terminal is shut down, the server still sends one-way packets. Therefore, the destination MAC address of the packets matches the MAC address entry and the MAC address is never aged out.

Whether USG firewalls support the aging time configured for MAC address entries
The USG2000 and USG5000 support the aging time configured for MAC address entries.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top