The mac-address learning disable command disables MAC address learning.
The undo mac-address learning disable command enables MAC address learning.
By default, MAC address learning is enabled.
mac-address learning disable [ action { discard | forward } ] (Interface view)
mac-address learning disable (VLAN view)
undo mac-address learning disable
Parameter |
Description |
Value |
|---|---|---|
action |
Indicates the action that the interface takes after MAC address learning is disabled.
By default, an interface forwards the packets carrying new MAC addresses after MAC address learning is disabled. |
- |
discard |
Discards the packets whose source MAC addresses do not match the MAC address table. |
- |
forward |
Forwards the packets according to the MAC address table. |
- |
VLAN view, 100GE interface view, Ethernet interface view, GE interface view, XGE interface view, 40GE interface view, MultiGE interface view, Eth-Trunk interface view, port group view, 25GE interface view
Usage Scenario
If you want an interface to forward only packets with certain MAC addresses, use this command. For example, if an interface is connected to a server, configure a static MAC address entry with the MAC address of the server, and then disable MAC address learning and set the action to discard on the interface. The configuration prevents other servers or terminals from accessing the interface and improves network stability and security.
When a switch with MAC address learning enabled receives an Ethernet frame, it records the source MAC address and inbound interface of the Ethernet frame in a MAC address entry. When receiving other Ethernet frames destined for this MAC address, the switch forwards the frames through the corresponding outbound interface according to the MAC address entry. MAC address learning reduces broadcast packets on a network.
You can use the mac-address learning disable command to disable MAC address learning on an interface. The action performed on received packets can be set to discard or forward.
By default, the switch takes the forward action after MAC address learning is disabled. That is, the switch forwards packets according to the MAC address table. When the action is set to discard, the switch looks up the source MAC address of the packet in the MAC address table. If the source MAC address is found in the MAC address table, the switch forwards the packet according to the matching MAC address entry. If the source MAC address is not found, the switch discards the packet.
Precautions
Before running the mac-address learning disable command on an Eth-Trunk interface, ensure that the Eth-Trunk interface works in Layer 2 mode; otherwise, the configuration fails. To switch an Eth-Trunk interface from the Layer 3 mode to the Layer 2 mode, you can run the portswitch command in the view of the Eth-Trunk interface.
This action cannot be configured in the VLAN view.
After MAC address learning is disabled on an interface, the device does not learn new MAC addresses on the interface. Untrusted terminals can still access the network.