12-24-2020 03:14 AM
Hello.
I currently have the XMC version 8.4 and EOS C5K devices.
I want to know how mac locking works inside the PM, what it is used for, in which scenarios it is recommended to use it.
Thank you in advance for your help
12-29-2020 12:54 AM
Thanks fot the answer
So with this I can configure a port so that, for example, it learns 2 MAC addresses automatically and the other MACs discard them?
Best Regards
12-28-2020 09:51 AM
Hello Stefan K.,
You're right, I described that wrong. A MAC lock on one port has no effect on other ports!
12-28-2020 09:09 AM
Afaik this is not correct. MAC-Locking doesn’t prevent the configured MAC-Address to connect to any other port of the switch. But it prevents other MAC-Adresses to connect to the port where MAC-Locking is configured.
From the manual:
This feature locks a MAC address to one or more ports, preventing connection of unauthorized
devices through the port(s). When source MAC addresses are received on specified ports, the
switch discards all subsequent frames not containing the configured source addresses. The only
frames forwarded on a "locked" port are those with the "locked" MAC address(es) for that port
12-26-2020 07:14 AM
Hello Jose,
basically the MAC Lock function is for the following:
MAC Locking locks one or more MAC address(es) to a specific switch or port on a switch, if MAC locking is enabled for a MAC that end-system can only access the network from that port or switch.
You can set a mac lock manually direct on the C5 via CLI.
In addition you can set a MAC clock via the End-System Tab in XMC Control (right mouse to a device).
Furhter more there is also the possibility in the Legacy Policy manager (and I think this is what your question is about) to display or set existing MAC locks.
As far as I know this function was not taken over into the XMC GUI (8.5.x). Therefore, it is advisable to use notifications to ensure that you get a message when a MAC lock is violated, if you are using the End-System Tab for MAC Lock configuration.