[Contents] [Prev] [Next] [Index] [Report an Error]

Limiting the Number of MAC Addresses Learned from an Interface in a Bridge Domain

You can configure a limit on the number of MAC addresses learned from a specific bridge domain or from a specific logical interface that belongs to a bridge domain.

To configure a limit for the number of MAC addresses learned from each logical interface in a bridge domain, include the interface-mac-limit limit statement at the [edit bridge-domains bridge-domain-name bridge-options] hierarchy level:

[edit]
bridge-domains {
bridge-domain-name {
domain-type bridge;
interface interface-name;
bridge-options {
interface-mac-limit limit;
}
}
}

To limit the number of MAC addresses learned from a specific logical interface in a bridge domain, include the interface-mac-limit limit statement at the [edit bridge-domains bridge-domain-name bridge-options interface interface-name] hierarchy level:

[edit]
bridge-domains {
bridge-domain-name {
domain-type bridge;
interface interface-name;
bridge-options {
interface interface-name
interface-mac-limit limit;
}
}
}
}

The value you configure for a specific logical interface overrides any value you specify for the entire bridge domain at the [edit bridge-domains bridge-domain-name bridge-options] hierarchy level.

The default limit to the number of MAC addresses that can be learned on a logical interface is 1024. The range that you can configure for a specific logical interface is 16 through 131,071.

After the MAC address limit is reached, the default is for any incoming packets with a new source MAC address to be forwarded. You can specify that the packets be dropped by including the packet-action drop statement. To specify that packets be dropped for the entire bridge domain, include the packet-action drop statement at the [edit bridge-domains bridge-domain-name bridge-options interface-mac-limit limit] hierarchy level:

[edit]
bridge-domains bridge-domain-name {
bridge-options {
interface-mac-limit limit {
packet-action;
}
}
}

To specify that the packets be dropped for a specific logical interface in a bridge domain, include the packet-action drop statement at the [edit bridge-domains bridge-domain-name bridge-options interface interface-name interface-mac-limit limit] hierarchy level:

[edit]
bridge-domains bridge-domain-name {
bridge-options {
interface interface-name {
interface-mac-limit limit {
packet-action;
}
}
}
}

You can also configure a limit to the number of MAC addresses learned for an MX-series router. For more information, see Limiting the Number of MAC Addresses Learned from Each Interface.

[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.