Allied Telesis Layer 3 Switches manual Protecting against rapid MAC movement

Rapid MAC movement protection detects excessive MAC address learning on a specific switch port. Once excessive learning is detected, the switch stops learning MAC addresses via the affected port.

Rapid MAC movement mostly occurs because of a broadcast storm, when one packet is storming around a layer 2 network. Rapid MAC movement protection is simpler to configure than QoS policy-based storm protection but is not guaranteed to stop all the varieties of broadcast storm.

Products

AT-8948

x900-48 Series

AT-9900 Series

AT-9924Ts x900-24 Series

Software Versions

2.8.1 and later

Configuration on one or more ports

Rapid MAC movement protection is on by default. The default action is to disable learning for 1 second. This gives the CPU of the switch some idle time, which may let a fast STP-type protocol converge. You can change the amount of idle time to suit your network, or select a different action.

To customise the protection:

1.Set the parameters in the following command:

set switch port=<ports> thrashaction={learndisablelinkdownnone portdisablevlandisable} thrashtimeout={none1..86400} vlanstatustrap={onoff}

The parameter thrashaction specifies the switch’s response to rapid MAC movement:

zlearndisable makes the switch temporarily disable learning on the port.

zlinkdown makes the switch physically disable the port, so that the link goes down.

zportdisable makes the switch logically disable the port, leaving the link up.

zvlandisable makes the switch block traffic on only the VLAN on which the rapid learning occurred.