4-43
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 4 Administering the Switch
Managing the MAC Address Table
Feature Incompatibility
The following features are incompatible with disabling MAC address learning and do not work properly
when the feature is enabled:
•
802.1X—The 802.1X class of features does not work when learning is disabled because some of
these features require source miss, which is ignored.
•
Port security— Port security VLANs requires learning to be enabled. To secure MAC addresses,
packets must first arrive at the CPU. However, if you disable learning on a VLAN, SA suppression
ensures that packets do not operate this way.
•
Unicast flood blocking— When unicast flood blocking is enabled on a port, it is removed from the
VLAN flood set. If learning is disabled on the same VLAN, the host connected to that port do not
receive traffic.
•
DHCP snooping—To send the packet out the correct port once a DHCP request has been resolved,
DHCP snooping must learn the MAC address. If you disable learning, the switch do not know on
which port to exit the packet; the two features are incompatible.
•
Broadcast storm control— This feature does not interact with the learning disable feature.
•
Flooding of packets in a VLAN domain in which learning is disabled through PVL.
Partial Feature Incompatibility
Although the following features are partially incompatible with disabling MAC address learning, they
still retain a large portion of their functionality:
•
FlexLink—FlexLink functions and upstream convergence is not impacted. However, downstream
fast convergence uses a MAC table to send dummy multicast packets for each learned MAC address
upstream to expedite downstream convergence. This situation does not happen if you enabled
learning disable. FlexLink downstream convergence occurs naturally, but it is slower if learning is
enabled on that VLAN.
•
PVLAN—To observe correct behavior, you must disable learning on the primary VLAN and all
secondary VLANs associated with the primary VLAN.
Note
To avoid confusion, configure PVLAN similarly on both the primary and secondary VLANs in
the PVLAN space.
•
Spanning Tree (STP)—Except for the UplinkFast feature, per-VLAN spanning tree functionality is
not impacted. To achieve faster downstream convergence, UplinkFast forwards dummy multicast
packets using learned MAC addresses. This action is not possible unless MAC learning is enabled.
Summary of Contents for Catalyst 4500 Series
Page 2: ......
Page 4: ......
Page 2086: ...Index IN 46 Software Configuration Guide Release IOS XE 3 9 0E and IOS 15 2 5 E ...