blacklist mac-address
Function
The blacklist mac-address command adds a specified MAC address to the blacklist.
The undo blacklist mac-address command deletes a MAC address from the blacklist.
By default, no MAC address is added to the blacklist. A maximum of 128 MAC addresses can be added to the blacklist.
This command can only be executed on a parent switch.
Format
blacklist mac-address mac-address1 [ to mac-address2 ]
undo blacklist mac-address { mac-address1 [ to mac-address2 ] | all }
Parameters
| Parameter | Description | Value |
|---|---|---|
| mac-address1 [ to mac-address2 ] | Specifies the MAC address to be added to the blacklist. |
The value is in H-H-H format, where H is a hexadecimal number of 1 to 4 digits. The value cannot be all 0s, all Fs, or a multicast MAC address. |
| all | Deletes all the MAC addresses in the blacklist. |
- |
Usage Guidelines
Usage Scenario
When an SVF system needs to authenticate an AS, the SVF system allows the AS to connect to if the MAC address of the AS is in the whitelist and disallows the AS to connect to if the MAC address is in the blacklist.
Precautions
A MAC address cannot exist in both the whitelist and blacklist.
By default, if the MAC address of an AS is neither in the whitelist nor in the blacklist, the AS fails the authentication. You can run the confirm { all | mac-address mac-address } command to allow all ASs or a specified AS to pass the authentication.
If the MAC address of an AS that has connected to an SVF system is added to the blacklist, the AS restarts and exits from the SVF system.