Chapter 5
Administering the Switch
Follow these guidelines when disabling MAC address learning on a VLAN:
•
•
•
•
•
•
•
Beginning in privileged EXEC mode, follow these steps to disable MAC address learning on a VLAN:
Command
Step 1
configure terminal
Step 2
no mac address-table learning vlan
vlan-id
Step 3
end
Step 4
show mac address-table learning [vlan
vlan-id]
Step 5
copy running-config startup-config
To reenable MAC address learning on a VLAN, use the default mac address-table learning vlan
vlan-id global configuration command. You can also reenable MAC address learning on a VLAN by
entering the mac address-table learning vlan vlan-id global configuration command. Using the second
command causes the configuration to appear in the show running-config privileged EXEC command
display. Using the first (default) command implies a return to a default condition and therefore does not
appear in the output from the show running-config command.
This example shows how to disable MAC address learning on VLAN 200:
Switch(config)# no mac
You can display the MAC address learning status of all VLANs or a specified VLAN by entering the
show mac-address-table learning [vlan vlan-id] privileged EXEC command.
78-17058-01
Disabling MAC address learning on a VLAN is supported only if the switch is running the metro IP
access or metro access image.
Use caution when considering disabling MAC address learning on a VLAN with a switch virtual
interface (SVI) configured. If you disable MAC address learning on an SVI, the switch floods all IP
packets in the Layer 2 domain.
We recommend that you disable MAC address learning only in VLANs with two ports. If you
disable MAC address learning on a VLAN with more than two ports, every packet entering the
switch is flooded in that VLAN domain.
You cannot disable MAC address learning on a VLAN that is used internally by the switch. If the
VLAN ID that you enter is an internal VLAN, the switch generates an error message and rejects the
command. To view internal VLANs in use by the switch, enter the show vlan internal usage
privileged EXEC command.
If you disable MAC address learning on a VLAN configured as a private-VLAN primary VLAN,
MAC addresses are still learned on the secondary VLAN that belongs to the private VLAN and are
then replicated on the primary VLAN. If you disable MAC address learning on the secondary
VLAN, but not the primary VLAN of a private VLAN, MAC address learning occurs on the primary
VLAN and is replicated on the secondary VLAN.
You cannot disable MAC address learning on an RSPAN VLAN. The configuration is not allowed.
If you disable MAC address learning on a VLAN that includes a secure port, MAC address learning
is not disabled on the secure port. If you disable port security, the configured MAC address learning
state is active.
Purpose
Enter global configuration mode.
Disable MAC address learning on the specified VLAN. Valid VLAN IDs
are 1 to 4094.
Return to privileged EXEC mode.
Verify the configuration.
(Optional) Save your entries in the configuration file.
a
ddress-table learning vlan 200
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
Managing the MAC Address Table
5-27