H3c-technologies H3C SecBlade NetStream Cards Manual de usuario Pagina 123
- Pagina / 349
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
108
MAC address table configuration
This chapter includes these sections:
• Overview
• Configuring the MAC address table
• Displaying and maintaining MAC address tables
• MAC address table configuration example
Overview
An Ethernet device uses a MAC address table for forwarding frames through unicast instead of
broadcast. This table describes from which port a MAC address (or host) can be reached. When
forwarding a frame, the device first looks up the MAC address of the frame in the MAC address table for
a match. If an entry is found, the device forwards the frame out of the outgoing port in the entry. If no
entry is found, the device broadcasts the frame out of all but the incoming port.
How a MAC address table entry is created
The entries in the MAC address table come from two sources: automatically learned by the device and
manually added by the administrator.
MAC address learning
The device can automatically populate its MAC address table by learning the source MAC addresses of
incoming frames on each port.
When a frame arrives at a port, Port A for example, the device performs the following tasks:
1. Checks the source MAC address (MAC-SOURCE for example) of the frame.
2. Looks up the source MAC address in the MAC address table.
a. If an entry is found, the device updates the entry.
b. If no entry is found, the device adds an entry for MAC-SOURCE and Port A.
3. After learning this source MAC address, when the device receives a frame destined for
MAC-SOURCE, the device finds the MAC-SOURCE entry in the MAC address table and forwards
the frame out Port A.
The device performs the learning process each time it receives a frame from an unknown source MAC
address, until the MAC address table is fully populated.
Manually configuring MAC address entries
With dynamic MAC address learning, a device does not distinguish between illegitimate and legitimate
frames, which can invite security hazards. For example, when a hacker sends frames with a forged
source MAC address to a port different from the one where the real MAC address is connected, the
device creates an entry for the forged MAC address, and forwards frames destined for the legal user to
the hacker instead.
- H3C SecBlade NetStream Card 1
- Preface 3
- GUI conventions 4
- Symbols 4
- Network topology icons 4
- Port numbering in examples 4
- Obtaining documentation 5
- Technical support 5
- Documentation feedback 5
- Contents 6
- CLI configuration 16
- Entering the CLI 17
- Command conventions 17
- Undo form of a command 18
- CLI views 18
- Using the CLI online help 19
- Typing commands 20
- Typing incomplete keywords 21
- Configuring command aliases 21
- Configuring CLI hotkeys 22
- System Mana 23
- Maintenance Command Reference 23
- Checking command-line errors 24
- Using command history 24
- Controlling the CLI display 25
- Filtering output information 26
- Character Meanin 27
- Remarks 27
- Login methods 35
- Users and user interfaces 36
- Numbering user interfaces 36
- CLI login 37
- Login procedure 38
- Logging in through telnet 47
- ACSEI timers 58
- ACSEI startup and running 58
- NMS login 61
- NMS login example 63
- User login control 65
- NMS users 68
- Interface configuration 70
- General configuration 71
- IP addressing configuration 80
- Special IP addresses 81
- Subnetting and masking 81
- Configuring IP addresses 82
- 172.16.1.1/24 83
- 172.16.2.1/24 sub 83
- 172.16.1.2/24 83
- 172.16.2.2/24 83
- IP routing overview 85
- Dynamic routing protocols 86
- Routing preference 87
- Route recursion 87
- Static routing configuration 89
- Configuring a static route 90
- What is policy-based routing 93
- Configuring PBR 94
- Configuring local PBR 96
- Configuring interface PBR 96
- VLAN configuration 98
- VLAN fundamentals 99
- VLAN types 100
- Protocols and standards 100
- VLAN interface overview 101
- Configuration procedure 101
- Network requirements 102
- Verification 103
- Port link type 103
- Default VLAN 104
- To do... Use the command… 109
- Remarks 109
- Overview 110
- Working mechanism 115
- Configure the SecBlade card 119
- GE3/0/1 GE3/0/2 121
- XGE2/0/1 121
- ARP configuration 128
- Operation of ARP 129
- Configuring ARP 130
- ARP configuration example 133
- Gratuitous ARP configuration 135
- Configuring gratuitous ARP 136
- Proxy ARP configuration 137
- Local proxy ARP 138
- Enabling proxy ARP 139
- 2. Configure the SecBlade 143
- ACL configuration 144
- Match order 145
- ACL rule numbering 145
- ACL configuration task list 146
- Configuring an ACL 146
- Copying an IPv4 ACL 149
- Packet filtering with ACLs 150
- ACL configuration example 152
- NetStream overview 154
- How NetStream works 155
- Flow aging 155
- NetStream data export 156
- NetStream export formats 157
- NetStream filtering 157
- NetStream sampling 157
- IPv4 NetStream configuration 159
- Enabling IPv4 NetStream 160
- To do… Use the command… 166
- IPv6 NetStream configuration 167
- Configuration considerations 172
- Configuring the host device 173
- Configuring the NSC 175
- 1. Configure the Device 176
- Device management 188
- Configuring the system time 189
- Displaying the system time 189
- Configuring banners 192
- Rebooting the device 195
- Configuring a scheduled task 196
- NOTE: 204
- NTP configuration 205
- How NTP works 206
- NTP message format 207
- Operation modes of NTP 208
- Symmetric peers mode 209
- Broadcast mode 209
- NTP configuration task list 210
- Configuration prerequisites 213
- NTP configuration examples 214
- SecBlade and Device 217
- Automatic configuration 218
- Address acquisition process 220
- File types 221
- TFTP request sending mode 223
- FTP configuration 224
- Configuring the FTP client 225
- 10.1.1.1/16 229
- 10.3.1.1/16 229
- 10.2.1.1/16 229
- Configuring the FTP server 230
- 3. Upgrade SecBlade 233
- TFTP configuration 235
- Configuring the TFTP client 236
- File management 239
- Performing file operations 241
- Renaming a file 242
- Copying a file 242
- Moving a file 242
- Deleting a file 242
- Performing batch operations 243
- Setting prompt modes 245
- Example for file operations 246
- Configuration file overview 247
- Introduction 248
- Configuration rollback 250
- Configuration task list 250
- Device software overview 256
- Software upgrade methods 257
- Basic concepts in hotfix 258
- Patch status 259
- DEACTIVE state 260
- ACTIVE state 260
- RUNNING state 261
- One-step patch installation 262
- Loading a patch file 263
- Activating patches 263
- Confirming running patches 264
- Stopping running patches 264
- Deleting patches 264
- Network requirement 265
- Hotfix configuration example 267
- Configuring ping 268
- Tracert 269
- System debugging 270
- Information center overview 273
- System information format 277
- PRI (priority) 278
- Managing security logs files 287
- 1.1.0.1/16 1.2.0.1/16 290
- SNMP configuration 295
- SNMP configuration task list 296
- Configuring SNMPv3 297
- Configuring SNMP logging 299
- Configuring SNMP traps 299
- Enabling SNMP traps 300
- Configuring trap parameters 300
- SNMP configuration examples 302
- SNMPv3 configuration example 303
- 1.1.1.2/24 304
- XGE4/0/1XGE0/0 304
- 1.1.1.1/24 304
- MIB style configuration 307
- RMON configuration 308
- RMON groups 309
- Alarm group 310
- Private alarm group 310
- XGE4/0/1 314
Relacionado con productos y manuales para La Seguridad H3c-technologies H3C SecBlade NetStream Cards
(66 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.055 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales