Manualshelf

Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S5000
541542543544545546547548549550
Layer 2 | 547
Learning Limit Violation Actions
Station Move Violation Actions
Recovering from Learning Limit and Station Move Violations
Important Points about Configuring Redundant Pairs
MAC Address Learning Limit is a method of port security on Layer 2 port-channel and physical interfaces,
and VLANs. It enables you to set an upper limit on the number of MAC addresses that learned on an
interface/VLAN. After the limit is reached, the system drops all traffic from a device with an unlearned
MAC address.
To set a MAC learning limit on an interface:
Three options are available with the
mac learning-limit command: dynamic, no-station-move, and
station-move.
mac learning-limit dynamic
The MAC address table is stored in the Layer 2 FIB region of CAM. The Layer 2 FIB region allocates
space for static MAC address entries and dynamic MAC address entries. When MAC Learning Limit is
enabled, entries created on this port are static by default. When you configure the
dynamic option, learned
MAC addresses are stored in the dynamic region and are subject to aging. Entries created before this
option is set are not affected.
mac learning-limit mac-address-sticky
Using sticky MAC addresses allows you to associate a specific port with MAC addresses from trusted
devices. If sticky MAC is enabled, the specified port will retain any dynamically-learned addresses and
prevent them from being transferred or learned on other ports.
Dell Networking OS Behavior: When configuring MAC Learning Limit on a port or VLAN the configuration is
accepted (becomes part of running-config and show mac learning-limit interface) before the system verifies that
sufficient CAM space exists. If the CAM check fails, a message is displayed:
%E90MH:5 %ACL_AGENT-2-ACL_AGENT_LIST_ERROR: Unable to apply access-list Mac-Limit on
TenGigabitEthernet 5/84
In this case, the configuration is still present in the running-config and show output. Remove the configuration before
re-applying a MAC learning limit with lower value. Also, ensure that Syslog messages can be viewed on your session.
Task Command Syntax Command Mode
Specify the number of MAC addresses that the system can
learn off a Layer 2 interface.
mac learning-limit address_limit INTERFACE
Note: An SNMP trap is available for mac learning-limit station-move. No other SNMP traps are available
for MAC Learning Limit, including limit violations.