Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

mac-limit

 

List of Syntax

Syntax (QFX Series and EX4600)

Syntax (SRX Series and EX Series)

Syntax (QFX Series and EX4600)

Syntax (SRX Series and EX Series)

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 9.0 for EX Series switches.

Statement introduced in Junos OS Release 11.1 for the QFX Series.

The short description of interface-mac-limit at the CLI command hierarchy is changed from Maximum number of MAC addresses per interface (1..16383) to Maximum number of MAC addresses per interface (1..5120) at the [edit vlans vlan-name switch-options] hierarchy level from Junos OS Release 18.2R1.

Description

Specify the maximum number of MAC addresses to be associated with a VLAN—the default is unlimited, which can leave the network vulnerable to flooding. Change unlimited to any number from 2 to the switch’s maximum VLAN MAC limit. The maximum number of MAC addresses allowed in a switching table per VLAN varies depending on the EX Series switch. To see the maximum number of MAC addresses per VLAN allowed on your switch, issue the set vlans vlan-name mac-limit ? configuration-mode command.

Note

Do not set the mac-limit value to 1. The first learned MAC address is often inserted into the forwarding database automatically—for instance, for a routed VLAN interface (RVI), the first MAC address inserted into the forwarding database is the MAC address of the RVI. For aggregated Ethernet bundles (LAGs) using LACP, the first MAC address inserted into the forwarding database in the Ethernet switching table is the source address of the protocol packet. In these cases, the switch does not learn MAC addresses other than the automatic address when mac-limit is set to 1, and this causes problems with MAC learning and forwarding.

When the MAC limit set by this statement is reached, no more MAC addresses are added to the Ethernet switching table. You can also, optionally, have a system log entry generated when the limit is exceeded by adding the option action log.

Note

When you reconfigure the number of MAC addresses, the Ethernet switching table is not automatically cleared. Therefore, if you reduce the number of addresses from the default (unlimited) or a previously set limit, you could already have more entries in the table than the new limit allows. Previous entries remain in the table after you reduce the number of addresses, so you should clear the Ethernet switching table for a specified interface, MAC address, or VLAN when you reduce the MAC limit. Use the command clear ethernet-switching table to clear existing MAC addresses from the table before using the mac-limit configuration statement.

Default

The MAC limit is disabled, so entries are unlimited.

Options

QFX Series and EX4600:

number—Maximum number of MAC addresses.

Range: 1 through 32768

Note

This statement is not supported on QFabric systems.

EX Series:

limit—Maximum number of MAC addresses.

Range: 1 through switch maximum

SRX Series:

number—Maximum number of MAC addresses.

Range: 1 through 5120

actionLog is the only action available. Configure action log to add a message to the system log when the mac-limit value is exceeded. A typical logged message looks like this:

May 5 06:18:31 bmp-199p1-dev edwd[5665]:

ESWD_VLAN_MAC_LIMIT_EXCEEDED: vlan default mac

00:1f:12:37:af:5b (tag 40). vlan limit exceeded

Required Privilege Level

routing—To view this statement in the configuration.

routing-control—To add this statement to the configuration.