mac-address blackhole
Function
The mac-address blackhole command configures a blackhole MAC address entry.
The undo mac-address command deletes a blackhole MAC address entry.
By default, no blackhole MAC address entry is configured for the system.
Format
mac-address blackhole mac-address vlan vlan-id
undo mac-address blackhole [ mac-address ] [ vlan vlan-id ]
undo mac-address mac-address vlan vlan-id
Parameters
| Parameter | Description | Value |
|---|---|---|
| blackhole | Indicates a blackhole entry. When a frame of a specified address configured in the blackhole entry is received, the frame is discarded. After being configured and saved, the entries can survive the system reset and hot swap of the interface board. | - |
| mac-address | Specifies the unicast MAC address. | The value is in the format of H-H-H. H is a 4-digit hexadecimal number, such as 00e0 and fc01. If an H contains less than four hexadecimal digits, the first numbers contained in the H are 0s. For example, if an H is e0, it is equal to 00e0. FFFF-FFFF-FFFF is invalid for a MAC address. |
| vlan vlan-id | Specifies the VLAN ID. | The value must be the ID of an existing VLAN. |
Usage Guidelines
The network administrator is familiar with the MAC addresses of all devices on the network. If the MAC address of a legal user is configured as a blackhole MAC address, the user's communications will be interrupted.
If the destination MAC address of a packet matches a blackhole MAC address entry, the packet will be discarded. After being configured and saved, blackhole MAC address entries are not lost after the reset or hot plug of the interface board. Blackhole MAC address entries can be added or deleted, and they will not be aged.
Unlike configuring a static MAC entry, you can configure a blackhole MAC entry without specifying an outbound interface.
Example
# Add a blackhole MAC address entry with the MAC address being 0011-2233-4455 to VLAN 10. The frame with the destination MAC address being 0011-2233-4455 and belonging to VLAN 10 is added to the blackhole and discarded directly.
<sysname> system-view
[sysname] vlan 10
[sysname-vlan10] quit
[sysname] mac-address blackhole 0011-2233-4455 vlan 10