Managing the MAC address table
6.2.3 This page will explain how switches create and manage MAC address tables.
Switches examine the source address of frames that are received on the ports to learn the MAC address of PCs or workstations that are connected to it. These learned MAC addresses are then recorded in a MAC address table. Frames that have a destination MAC address that has been recorded in the table can be switched out to the correct interface.
The show mac-address-table command can be entered in the Privileged EXEC mode to examine the addresses that a switch has learned.
A switch dynamically learns and maintains thousands of MAC addresses. To preserve memory and for optimal operation of the switch, learned entries may be discarded from the MAC address table. Machines may have been removed from a port, turned off, or moved to another port on the same switch or a different switch. This can cause confusion when frames are forwarded. For all these reasons, if no frames are seen with a previously learned address, the MAC address entry is automatically discarded or aged out after 300 seconds.
Rather than wait for a dynamic entry to age out, network administrators can use the clear mac-address-table command in Privileged EXEC mode. MAC address entries configured by network administrators can also be removed with this command. This method to clear table entries ensures that invalid addresses are removed immediately.
The Lab Activities will teach students how to create a basic switch configuration and manage the MAC address table.
The next page will discuss static MAC addresses.
The next page will discuss port security
6.2.3 This page will explain how switches create and manage MAC address tables.
Switches examine the source address of frames that are received on the ports to learn the MAC address of PCs or workstations that are connected to it. These learned MAC addresses are then recorded in a MAC address table. Frames that have a destination MAC address that has been recorded in the table can be switched out to the correct interface.
The show mac-address-table command can be entered in the Privileged EXEC mode to examine the addresses that a switch has learned.
A switch dynamically learns and maintains thousands of MAC addresses. To preserve memory and for optimal operation of the switch, learned entries may be discarded from the MAC address table. Machines may have been removed from a port, turned off, or moved to another port on the same switch or a different switch. This can cause confusion when frames are forwarded. For all these reasons, if no frames are seen with a previously learned address, the MAC address entry is automatically discarded or aged out after 300 seconds.
Rather than wait for a dynamic entry to age out, network administrators can use the clear mac-address-table command in Privileged EXEC mode. MAC address entries configured by network administrators can also be removed with this command. This method to clear table entries ensures that invalid addresses are removed immediately.
The Lab Activities will teach students how to create a basic switch configuration and manage the MAC address table.
The next page will discuss static MAC addresses.
Configuring static MAC addresses
6.2.4 This page will explain how static MAC addresses are configured on
a Catalyst 2900 switch.
A MAC address can be permanently assigned to an interface. The
following are reasons to assign a permanent MAC address to an interface: - The MAC address
will not be aged out automatically by the switch.
- A specific
server or user workstation must be attached to the port and the MAC address
is known.
- Security is
enhanced.
Switch(config)#mac-address-table
static <mac-address of host > interface FastEthernet
<Ethernet number > vlan <vlan name >
The following command can be used to remove a static MAC address
for a switch:
Switch(config)#no
mac-address-table static <mac-address of host > interface
FastEthernet <Ethernet number > vlan <vlan name >
In the Lab Activities, students will configure static MAC
addresses. The next page will discuss port security
No comments:
Post a Comment