Specifications

220 ExtremeWare XOS 10.1 Command Reference Guide

FDB Commands

create fdbentry vlan blackhole

create fdbentry <mac_addr> vlan <vlan_name> blackhole {source-mac |

dest-mac | both}

Description

Creates a blackhole FDB entry.

Syntax Description

Default

N/A.

Usage Guidelines

Blackhole entries are useful as a security measure or in special circumstances where packets with a

specific source or destination address must be discarded.

A blackhole entry configures the switch to discard packets with the specified MAC address. You can

specify whether the MAC address should match the source (ingress) MAC address, or the destination

(egress) MAC address, or both.

Blackhole entries are treated like permanent entries in the event of a switch reset or power off/on cycle.

Blackhole entries are never aged-out of the database. In the output from a

show fdb command, entries

will have “p” flag (permanent) set, as well as the “b” (for ingress blackhole) and/or “B” (for egress

blackhole) flags set.

Example

The following command adds a blackhole entry to the FDB for MAC address is 00 E0 2B 12 34 56, in

VLAN marketing on port 4:

create fdbentry 00:E0:2B:12:34:56 vlan marketing both

mac_addr Specifies a device MAC address, using colon-separated bytes.

vlan_name Specifies a VLAN name associated with a MAC address.

blackhole Configures the MAC address as a blackhole entry.

source-mac Specifies that the blackhole MAC address matches the ingress source MAC

address.

dest-mac Specifies that the blackhole MAC address matches the egress destination

MAC address.

both Specifies that the blackhole MAC address matches the ingress source MAC

address or the egress destination MAC address.