Configuring Unknown Unicast Forwarding (CLI Procedure)
Unknown unicast traffic consists of packets with unknown destination MAC addresses. By default, the switch floods these packets to all interfaces associated with a VLAN. Forwarding such traffic to interfaces on the switch can create a security issue.
To prevent flooding unknown unicast traffic across the switch, configure unknown unicast forwarding to direct all unknown unicast packets within a VLAN out to a specific trunk interface. From there, the destination MAC address can be learned and added to the Ethernet switching table. You can configure each VLAN to divert unknown unicast traffic to different trunk interfaces or use one trunk interface for multiple VLANs.
To configure unknown unicast forwarding options using the CLI:
Note: Before you can configure unknown unicast forwarding within a VLAN, you must first configure that VLAN.
- Configure unknown unicast forwarding for a specific
VLAN (here, the VLAN name is employee):
user@switch# set unknown-unicast-forwarding vlan employee
- Specify the trunk interface to which all unknown
unicast traffic will be forwarded:
[edit ethernet-switching-options ]
user@switch# set unknown-unicast-forwarding vlan employee interface ge-0/0/3.0