Hello, everyone!
After run the command security anti-macspoofing enable, the MAC anti-spoofing function will be enabled, which is used to prevent malicious users from forging MAC addresses to send packets to attack the device.
After the MAC anti-spoofing function is enabled, the system automatically binds a MAC address to a traffic stream.
The traffic stream can be transmitted upstream through the device only when the source MAC address of the traffic stream is the same as the bound MAC address. Otherwise, the traffic stream is discarded.
This can prevent DHCP and PPPoE users from attacking the device by forging MAC addresses. For your problem, we analyzed the log and here you have the result :
Index : 1
VLAN ID : 11
Conflict Type : MAC conflict
MAC-Address : 80D4-A558-FF7F
IP-Address : -
F/S/P : 0/1/3
Flow ID : 89
Time : 2017-11-15 02:47+01:00
The below security log is reported when a user with the mac-address 80D4-A558-FF7F and service-port 89 send the DHCP or PPPoE packets to dial, and the OLT check this user’s information and find that there has been a bound
relation between the mac-address 80D4-A558-FF7F and the service-port 91 after enable the security anti-macspoofing, so the OLT reject this user, discard the dialing packets and report the log.
411 64d1-5449-120e 445 0/ 0/5 11 57 1 vlan 11
412 e8bd-d1cf-5b86 703 0/ 0/1 24 75 1 vlan 24
413 80d4-a558-ff7f 91 0/ 1/ 3 11 4 1 vlan 11
414 6466-b39d-8cc3 298 0/ 0/6 11 18 1 vlan 11
415 74e6-e244-90da 443 0/ 0/5 11 56 1 vlan 11
Here are some points:
There may be some users who are forging the MAC address to send the packets. You can obverse the laws, do some statistics and block the malice user.
There may be some modems with the mac-address changed after reboot, which may cause the issue if the mac-address is in conflict.
Thanks.
