Extreme Networks

Bobby · ‎06-01-2017

I took over an existing enterprise size extreme network, been getting already that people have threats basically sending to third world country IPs. There is not much on the GUI and been trying to hunt down the command to block the mac address in CLI. I do see that were is a blackhole vlan, Im guessing it needs to be put into that vlan. Any info helps thanks!

Brian_Austin · ‎06-01-2017

Bobby,

it shouldn't matter if you make it ingress or egress however you should also be able to track down what port its coming in by using the command:

show iparp 01:00:5E:00:E0:F1

that way you can block the mac address at it's source instead of trying to catch it later in the network.

Bobby · ‎06-01-2017

sweet thanks!

Does it matter if its egress or ingress?

Ty_Izzet · ‎06-01-2017

Bobby,

You could create an access list to block the offending MAC on a port or VLAN. The following is an example of the ACL:

entry block_MAC {
if {
ethernet-source-address

code:

01:00:5E:00:E0:F1

;
} then {
deny;
}
}

The following article explains how to create and apply the ACL to a port or VLAN:

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-create-and-apply-an-ACL-in-EXOS

Mrxlazuardin · ‎06-01-2017

Hi Taykin,

How will XOS process the MAC blocking by using ACL, CPU based or ASIC based? Using blackhole is processed by ASIC right? Unfortunately, I don't know how to use blackhole without specifying the VLAN or make it works to al VLANs.

Best regards,

Extreme Networks

block mac address command in switch XOS CLI

block mac address command in switch XOS CLI