Filter
Top Products
562 | Layer 2
www.dell.com | support.dell.com
MAC Learning Limit
This section has the following sub-sections:
• mac learning-limit dynamic on page 563
• mac learning-limit station-move on page 563
• mac learning-limit no-station-move on page 564
• mac learning-limit sticky on page 564
• Displaying MAC Learning-Limited Interfaces on page 566
• Learning Limit Violation Actions on page 566
• Station Move Violation Actions on page 566
• Recovering from Learning Limit and Station Move Violations on page 567
• Per-VLAN MAC Learning Limit on page 567
MAC Address Learning Limit is a method of port security on Layer 2 physical, port-channel, and VLAN
interfaces. It enables you to set an upper limit on the number of MAC addresses learned on an interface/
VLAN. After the limit is reached, the system drops all traffic from a device with an unlearned MAC
address.
To set a MAC learning limit on an interface:
Three options are available with the mac learning-limit command: dynamic, no-station-move, and
station-move,
FTOS Behavior: When configuring MAC Learning Limit on a port or VLAN the configuration is
accepted (becomes part of running-config and show mac learning-limit interface) before the system
verifies that sufficient CAM space exists. If the CAM check fails, the a message is displayed:
%E90MH:5 %ACL_AGENT-2-ACL_AGENT_LIST_ERROR: Unable to apply access-list
Mac-Limit on GigabitEthernet 5/84
In this case, the configuration is still present in the running-config and show output. Remove the configuration
before re-applying a MAC learning limit with lower value. Also, ensure that Syslog messages can be viewed on
your session.
Note: The CAM-check failure message beginning in FTOS version 8.3.1.0 is different from versions
8.2.1.1 and earlier, which read:
% Error: ACL returned error
% Error: Remove existing limit configuration if it was configured before
Task Command Syntax Command Mode
Specify the number of MAC addresses that the system
can learn off a Layer 2 interface.
mac learning-limit address_limit INTERFACE
Note: An SNMP trap is available for mac learning-limit station-move. No other SNMP traps are available
for MAC Learning Limit, including limit violations.