allowed-mac
Syntax
allowed-mac {
mac-address-list;
}
Hierarchy Level
[edit ethernet-switching-options secure-access-port interface (all | interface-name)]
Description
Specify particular MAC addresses to be added to the MAC address cache.
Although this configuration restricts the addresses that can be added to the MAC address cache, it does not block the switch from receiving Layer 2 control packets—such as Link Layer Discovery Protocol (LLDP) packets—transmitted from MAC addresses that are not specified in the list of allowed MAC addresses. Control packets do not undergo the MAC address check and they are therefore included in the statistics of packets received. However, they are not forwarded to another destination. They are trapped within the switch.
Default
Allowed MAC addresses take precedence over dynamic MAC values that have been
applied with the mac-limit statement.
Options
mac-address-list—One or more MAC addresses configured as allowed MAC addresses for a specified interface or all interfaces.
Required Privilege Level
system—To view this statement in the configuration.system–control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.0.