4.1.2 MAC address table security
- MAC address entry types include:
- Dynamic MAC address entries: learned by the interface through the source MAC address in the packet, and the entries can be aged. After the system is reset, the interface board is hot-plugged, or the interface board is reset, the dynamic entries will be lost.
- Static MAC address entry: manually configured by the user and delivered to each interface board, and the entry does not age out. After the system is reset, the interface board is hot-plugged, or the interface board is reset, the saved entries will not be lost. After an interface is statically bound to a MAC address, packets with the source MAC address received by other interfaces will be discarded.
- Blackhole MAC address entry: manually configured by the user and delivered to each interface board, and the entry cannot be aged. After a blackhole MAC address is configured, packets with the source MAC address or destination MAC address of this MAC address will be discarded.
- MAC address table security function
- Static MAC address entry
Configure the MAC addresses of some fixed uplink devices or trusted users as static MAC entries to ensure their secure communication