Manualsbrain.com
  1. Инструкции и руководства
  2. Бренды
  3. 3com
  4. S7906E
  5. Инструкции По Установке

Инструкции По Установке для 3com S7906E

Скачать
Страница из 2621
 
1-2 
When receiving a frame destined for MAC-SOURCE, the device looks up the MAC address table and 
forwards it from Port A. 
To adapt to network changes, MAC address table entries need to be constantly updated. Each 
dynamically learned MAC address table entry has a life time, that is, an aging timer. If an entry has not 
updated when the aging timer expires, it is deleted. If it updates before the aging timer expires, the 
aging timer restarts.  
Manually configuring MAC address entries 
With dynamic MAC address learning, a device does not tell illegitimate frames from legitimate ones. 
This brings security hazards. For example, if a hacker sends frames with a forged source MAC address 
to a port different from the one where the real MAC address is connected to, the device will create an 
entry for the forged MAC address, and forward frames destined for the legal user to the hacker instead.  
To enhance the security of a port, you can manually add MAC address entries into the MAC address 
table of the device to bind specific user devices to the port. Because manually configured entries have 
higher priority than dynamically learned ones, you can thus prevent hackers from stealing data using 
forged MAC addresses.  
Types of MAC Address Table Entries 
A MAC address table may contain these types of entries: 
Static entries, which are manually configured and never age out. 
Dynamic entries, which can be manually configured or dynamically learned and may age out. 
Blackhole entries, which are manually configured and never age out. Blackhole entries are 
configured for filtering out frames with specific destination MAC addresses. For example, to block 
all packets destined for a specific user for security concerns, you can configure the MAC address of 
this user as a blackhole destination MAC address entry. 
 
 
Dynamically-learned MAC addresses cannot overwrite static or blackhole MAC address entries, but the 
latter can overwrite the former. 
 
MAC Address Table-Based Frame Forwarding 
When forwarding a frame, the device adopts the following two forwarding modes based on the MAC 
address table: 
Unicast mode: If an entry is available for the destination MAC address, the device forwards the 
frame out the outgoing interface indicated by the MAC address table entry. 
Broadcast mode: If the device receives a frame with the destination address being all ones, or no 
entry is available for the destination MAC address, the device broadcasts the frame to all the 
interfaces except the receiving interface.