Usage Scenario
When interfaces in a VLAN receive unknown unicast packets, or unknown unicast packets, the interfaces broadcast these packets in the VLAN. If the interfaces broadcast a large number of attack packets, the forwarding and security of other packets are threatened.
To disable interfaces in a VLAN from forwarding unknown unicast packets, or unknown unicast packets, run this command.
Precautions
To enable interfaces in a VLAN to learn the source MAC addresses of the unknown unicast packets to be discarded, configure the mac-learning parameter in the command. After the interfaces learn the source MAC addresses of the packets, you can configure a policy to discard the unicast packets carrying these source addresses.
When a VLANIF interface functions as a Layer 3 multicast outbound interface and the function of discarding unknown multicast packets is configured in the VLAN view:
- If IGMP snooping is not configured in a VLAN, IPv4 Layer 3 multicast protocol packets are discarded, affecting IPv4 Layer 3 multicast services.
- If MLD snooping is not configured in a VLAN, IPv6 Layer 3 multicast protocol packets are discarded, affecting IPv6 Layer 3 multicast services.