Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
MAC Address Table

MAC Address Table

Latest reply: Mar 10, 2022 06:18:43 506 14 7 0 2
View the author 1#

An switch holds one MAC address table.

The MAC address entry can be classified into the dynamic entry, the static entry and the blackhole entry.

  • The dynamic entry is created by learning the      source MAC address. It has      aging time.

  • The static entry is set by users and is delivered      to each SIC. It does      not age.

  • The blackhole entry is used to discard the frame      with the specified source MAC address or destination MAC address. Users      manually set the blackhole entries and send them to each SIC. Blackhole entries have no aging      time.

The dynamic entry will be lost after the system is reset or the interface board is hot swapped or reset. The static entry and the blackhole entry, however, will not be lost.

Automatically Generated MAC Address Entries

Generally, an switch learns the source MAC addresses and then creates MAC address entries. When a device connected to a port of switch sends a packet to the switch, the switch obtains the source MAC address in the frame, and adds the source MAC address and the port to the MAC address table. Since then, when receiving data packets destined for that device, the switch can find the outbound port by checking the MAC address table.

The switch updates the MAC table at intervals to adapt to the changes of network. The entries in the MAC table will not be valid all the time. Each entry has its own lifetime. If the entry has not been refreshed at the expiration of its lifetime, the switch will delete that entry from the MAC table. That lifetime is called aging time. If the entry is refreshed before its lifetime expires, the switch resets the aging time for it.

Manually Configured MAC Address Entries

When creating MAC address entries by itself, the device cannot identify whether the packets are from the legal users or the hackers. This threatens the network safety.

Hackers can fake the source MAC address in attack packets. The packet with a forged address enters the switch from the other port. Then the device learns a fault MAC table entry. That is why the packets sent to the legal users are forwarded to the hackers.

For security, the network administrator can add static entries to the MAC table manually to bind the user's device and the port of the switch. In this way, the switch can stop the illegal users from stealing data.

By configuring blackhole MAC address entries, you can configure the specified user traffic not to pass through a switch to prevent attacks from unauthorized users.

The priority of MAC entries set up by users is higher than that generated by the switch itself.

Aging Time of MAC Addresses

To adapt to the changes of networks, the MAC table needs to be updated constantly. The dynamic entries automatically in a MAC address table are not always valid. Each entry has a life cycle. The entry that has never been updated till its life cycle ends will be deleted. This life cycle is called aging time. If the entry is updated before its life cycle ends, the aging time of the entry is recalculated.

Dynamic learned MAC address entries age, whereas static MAC address entries do not age.

Figure 1 Aging of MAC addresses

aging mac

As shown in the preceding figure, the aging time of MAC addresses is set to T. At t1, packets with the source MAC address 00e0-fc00-0001 and VLAN ID 1 reach an interface. Assume that the interface is added to VLAN 1. If no entry with the MAC address as 00e0-fc00-0001 and the VLAN ID as 1 exists in the MAC address table, the MAC address is added to the MAC address table as a dynamic MAC address entry and the flag of the matching entry is set to 1.

The switch checks all learned dynamic MAC address entries at an interval of T. For example, at t2, if the switch discovers that the flag of the matching dynamic MAC address entry with the MAC address as 00e0-fc00-0001 and the VLAN ID as 1 is 1, the flag of the matching MAC address entry is set to 0 and the MAC address entry is not deleted. If packets with the source MAC address as 00e0-fc00-0001 and the VLAN ID as 1 enter the switch at t2 and t3, the flag of the matching MAC address entry is set to 1 again. If no packet with the source MAC address as 00e0-fc00-0001 and the VLAN ID as 1 enters the switch between t2 and t3, the flag of the matching MAC address entry is always 0. At t3, after discovering that the flag of the matching MAC address entry is 0, the switch assumes that the aging time of the MAC address entry expires and deletes the MAC address entry.

As stated above, the minimum holdtime of a dynamic MAC address entry in the MAC address table ranges from the aging time T to 2 T configured on the switch through automatic aging.

The aging time of MAC addresses is configurable. By setting the aging time of MAC addresses, you can flexibly control the holdtime of learned dynamic MAC


Previous post Introduction to MAC



MAC

Like (7) Dislike (0) Favorite(2) Share Report
Previous: Difference between Stelnet and Ssh?
Next: HUAWEI HiLink is requesting an Administrator Password that I dont have
(0) (0)
11#
TriNguyen
Created Mar 10, 2022 05:27:59

Good share
View more
  • x
  • convention:
(0) (0)
12#
Saqibaz
Created Mar 10, 2022 06:18:43

Good post. Keep up the good work!
View more
  • x
  • convention:

lucian2003
lucian2003 Created Mar 10, 2022 18:12:30 (0) (0)
thanks  
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.