mac-limit (VLAN)
Syntax (QFX Series and EX4600)
mac-limit number;
Syntax (SRX Series and EX Series)
mac-limit limit action action;
Hierarchy Level
[edit vlans vlan-name]
Description
Specify the maximum number of MAC addresses to
be associated with a VLAN—the default is unlimited,
which can leave the network vulnerable to flooding. Change unlimited to any number from 2 to the switch’s maximum VLAN MAC limit.
The maximum number of MAC addresses allowed in a switching table per
VLAN varies depending on the EX Series switch. To see the maximum
number of MAC addresses per VLAN allowed on your switch, issue the set vlans vlan-name mac-limit ?
configuration-mode
command.
Do not set the mac-limit value to 1. The first learned MAC address is often inserted into the forwarding database automatically—for instance, for a routed VLAN interface (RVI), the first MAC address inserted into the forwarding database is the MAC address of the RVI. For aggregated Ethernet bundles (LAGs) using LACP, the first MAC address inserted into the forwarding database in the Ethernet switching table is the source address of the protocol packet. In these cases, the switch does not learn MAC addresses other than the automatic address when mac-limit is set to 1, and this causes problems with MAC learning and forwarding.
When the MAC limit set by this statement is reached, no more MAC addresses are added to the Ethernet switching table. You can also, optionally, have a system log entry generated when the limit is exceeded by adding the option action log.
When you reconfigure the number of MAC addresses, the Ethernet switching table is not automatically cleared. Therefore, if you reduce the number of addresses from the default (unlimited) or a previously set limit, you could already have more entries in the table than the new limit allows. Previous entries remain in the table after you reduce the number of addresses, so you should clear the Ethernet switching table for a specified interface, MAC address, or VLAN when you reduce the MAC limit. Use the command clear ethernet-switching table to clear existing MAC addresses from the table before using the mac-limit configuration statement.
Default
The MAC limit is disabled, so entries are unlimited.
Options
QFX Series and EX4600:
number—Maximum number of MAC addresses.
Range: 1 through 32768
This statement is not supported on QFabric systems.
EX Series:
limit—Maximum number of MAC addresses.
Range: 1 through switch maximum
SRX Series:
number—Maximum number of MAC addresses.
Range: 1 through 5120
action—Log is the only action available. Configure action log to add a message to the system log when the mac-limit value is exceeded. A typical logged message looks like this:
May 5 06:18:31 bmp-199p1-dev edwd[5665]: ESWD_VLAN_MAC_LIMIT_EXCEEDED: vlan default mac 00:1f:12:37:af:5b (tag 40). vlan limit exceeded
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.0.
The short description of interface-mac-limit
at the CLI command hierarchy is
changed from Maximum number of MAC addresses per interface
(1..16383)
to Maximum number of MAC addresses per interface
(1..5120)
at the [edit vlans vlan-name switch-options]
hierarchy level from Junos OS Release 18.2R1.