Header Only - DO NOT REMOVE - Extreme Networks

MAC FILTER X450e


Hello everydoby,

Actually, I have the Extreme x450e in my local network.

I want to put the mac address filter system for limit the number of machines to connet in my LAN.

After several research, I realize that some functionalities are absent.
Specially, the "MAC lockdown" command .

So I suppose that I don't have the recent version of the firmware.
Actually, I have the 15.3.3.5 version .

So, if you suppose that i have a old firmawre, can you tell me the last version of the OS please ?

Advance thanks,

Ragavan Sriram

4 replies

Userlevel 5
Ragavan,

The X450 series switches are supported till the latest and current patch release of v15.3.5.2-patch1-9. This would be the recommended version.

MAC Address Lockdown can be achieved using the command:

configure ports vlan [limit-learning {action [blackhole | stop-learning]} | lock-learning | unlimited-learning | unlock-learning]

This command causes all dynamic FDB entries associated with the specified VLAN and ports to be
converted to locked static entries. It also sets the learning limit to 0, so that no new entries can be
learned. All new source MAC addresses are blackholed.
Hello Taykin Izzet,

Thank you for reply.

I will update my OS first, and I try your command.

See you soon.
Hi Taykin Izzet, I'm back 🙂

In fact, when i use the action of your command, I just have blackhole and stop-learning.

Other thing, when I fix limit-learning 1 in a port, the switch don't block the second machine.

It's very strange, do you have any idea ?

Advance thanks,
Userlevel 5
Ragavan,

Please try clearing the fdb entry on that port and test again.

clear fdb ports

The following are some examples:

First example, configures limit learning on ports 1 through 10 and 22 through 23 on the default VLAN. The port will learn two MAC addresses before the port is blackholed.

# configure port 1-10, 22-23 vlan "Default" limit-learning 2 action blackhole

This second example, configures limit learning on slot 1, port 1 through 10, and slot 2, ports 22 and 25. The port will learn 1 MAC address before its stops learning.

# configure port 1:1-1:10, 2:22,2:25 vlan "default" limit-learning 1 action stop-learning

Reply