Supported Platforms
Limiting MAC Addresses Learned from an Interface in a Bridge Domain
You can configure a limit on the number of MAC addresses learned from a specific bridge domain or from a specific logical interface that belongs to a bridge domain.
To configure a limit for the number of MAC addresses learned from each logical interface in a bridge domain, include the interface-mac-limit limit statement at the [edit bridge-domains bridge-domain-name bridge-options] hierarchy level:
To limit the number of MAC addresses learned from a specific logical interface in a bridge domain or an entire bridge domain, include the interface-mac-limit limit statement at the [edit bridge-domains bridge-domain-name bridge-options interface interface-name] or [edit bridge-domains bridge-domain-name bridge-options] hierarchy level:
The value you configure for a specific logical interface overrides any value you specify for the entire bridge domain at the [edit bridge-domains bridge-domain-name bridge-options] hierarchy level.
The default limit to the number of MAC addresses that can be learned on a logical interface is 1024. The range that you can configure for a specific logical interface is 1 through 131,071.
After the MAC address limit is reached, the default is for any incoming packets with a new source MAC address to be forwarded. You can specify that the packets be dropped by including the packet-action drop statement. To specify that packets be dropped for the entire bridge domain, include the packet-action drop statement at the [edit bridge-domains bridge-domain-name bridge-options interface-mac-limit limit] hierarchy level:
To specify that the packets be dropped for a specific logical interface in a bridge domain, include the packet-action drop statement at the [edit bridge-domains bridge-domain-name bridge-options interface interface-name interface-mac-limit limit] hierarchy level:
You can also configure a limit to the number of MAC addresses learned for an MX Series router.
