User's Manual
7-8
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 7  Performing Switch Administration
Information About Performing Switch Administration
MAC Address Learning on a VLAN
By default, MAC address learning is enabled on all VLANs on the switch. You can control MAC address 
learning on a VLAN to manage the available MAC address table space by controlling which VLANs, 
and therefore which ports, can learn MAC addresses. Before you disable MAC address learning, be sure 
that you are familiar with the network topology and the switch system configuration. Disabling MAC 
address learning on a VLAN could cause flooding in the network. 
Follow these guidelines when disabling MAC address learning on a VLAN:
  • Use caution before disabling MAC address learning on a VLAN with a configured switch virtual 
interface (SVI). The switch then floods all IP packets in the Layer 2 domain. 
  • You can disable MAC address learning on a single VLAN ID (for example, no mac address-table 
learning vlan 223) or on a range of VLAN IDs (for example, no mac address-table learning vlan 
1-20, 15).
  • We recommend that you disable MAC address learning only in VLANs with two ports. If you 
disable MAC address learning on a VLAN with more than two ports, every packet entering the 
switch is flooded in that VLAN domain. 
  • You cannot disable MAC address learning on a VLAN that is used internally by the switch. If the 
VLAN ID that you enter is an internal VLAN, the switch generates an error message and rejects the 
command. To view internal VLANs in use, enter the show vlan internal usage privileged EXEC 
command.
  • If you disable MAC address learning on a VLAN configured as a private-VLAN primary VLAN, 
MAC addresses are still learned on the secondary VLAN that belongs to the private VLAN and are 
then replicated on the primary VLAN. If you disable MAC address learning on the secondary 
VLAN, but not the primary VLAN of a private VLAN, MAC address learning occurs on the primary 
VLAN and is replicated on the secondary VLAN.
  • You cannot disable MAC address learning on an RSPAN VLAN. The configuration is not allowed.
  • If you disable MAC address learning on a VLAN that includes a secure port, MAC address learning 
is not disabled on that port. If you disable port security, the configured MAC address learning state 
is enabled.
To reenable MAC address learning on a VLAN, use the default mac address-table learning vlan 
vlan-id global configuration command. You can also reenable MAC address learning on a VLAN by 
entering the mac address-table learning vlan vlan-id global configuration command. The first 
(default) command returns to a default condition and therefore does not appear in the output from the 
show running-config command. The second command causes the configuration to appear in the show 
running-config privileged EXEC command display. 
ARP Table Management
To communicate with a device (over Ethernet, for example), the software first must learn the 48-bit MAC 
address or the local data link address of that device. The process of learning the local data link address 
from an IP address is called address resolution.
The Address Resolution Protocol (ARP) associates a host IP address with the corresponding media or 
MAC addresses and the VLAN ID. Using an IP address, ARP finds the associated MAC address. When 
a MAC address is found, the IP-MAC address association is stored in an ARP cache for rapid retrieval. 
Then the IP datagram is encapsulated in a link-layer frame and sent over the network. Encapsulation of 










