4-31
Software Configuration Guide—Release 15.0(2)SG
OL-23818-01
Chapter 4 Administering the Switch Managing the MAC Address Table
Usage Guidelines
Note These guidelines are advisory only. Contact the Cisco solution provider team for specific solution
implementations.
When disabling MAC address learning on a VLAN, consider these guidelines:
If learning is disabled on a VLAN with an SVI interface, it floods every IP packet in the Layer 2
domain. Because this flooding may be undesirable, you should disable MAC address learning on a
SVI VLAN carefully.
If you provide a VLAN range that includes reserved VLAN (such as 1000-1006), the command is
accepted and disable learning is enabled for all VLANs except for 1002-005 (that is,
1000-1001,1006). However, if you specify an invalid range (such as 1- 5000), the command fails and
disable learning is not enabled on any of the VLANs.
Both RSPAN and the MAC learning disable feature share a hardware restriction on Supervisor
Engines II, IV, and V. If the combination of VLANs configured with RSPAN and learning disable
exceeds four, hardware MAC table resources are consumed to emulate learning disable on the
additional VLANs. High CPU occur when these resources are exhausted.
With PVLANs, you need to disable learning on the primary VLAN and all secondary VLANs
associated with that primary VLANs. Otherwise, you encounter traffic flooding in one direction and
unicast flooding in the other direction.
To disable MAC address learning on a VLAN, consider the flooding implications.
Deployment Scenarios
This section includes these deployment scanrios:
Metro (Point to Point Links), page 4-31
Network Load Balancers, page 4-32
Layer 2 Firewall or Cache, page 4-33

Metro (Point to Point Links)

In this topology, you have two ports on a VLAN; traffic enters one and must exit the other. On a
point-to-point link in metro networks, numerous MAC addresses are on these types of ports by disabling
learning on the VLAN to which these two ports belong, many entries in the MAC address table space
can be saved. Because there is only one egress port for the traffic, you can flood the packet and avoid
having to learn all the MAC addresses seen on this port. This process saves considerable space in the
MAC address table.
To obtain source learning, packets are bridged as Layer 2 flood packets. Replicated packets use a distinct
dedicated bandwidth. Regardless of the number of ports in a flood set, a flood packet always consumes
replication packet bandwidth, which consumes some multicast and broadcast packet-processing
bandwidth (Figure 4-2).