This article mainly explains the MAC configuration on Asterfusion enterprise SONiC switches.
By reading this article, users can quickly master the configuration method of MAC on Asterfusion SONiC switch.

Model:
CX-N series switches
CX-M series switches
Version:
AsterNOSv3.1

MAC configuration is a basic function. MAC (Media Access Control) address, also called physical address or hardware address. The MAC address is written inside the network card by the network equipment manufacturer during production and can uniquely identify a user. The MAC address consists of a 48-bit long, 12-bit hexadecimal number. Starting from left to right, 0 to 23 bits are the codes applied by the manufacturer to IETF and other organizations to identify the manufacturer. 24 to 47 bits are assigned by the manufacturer.
Asterfusion Enterprise SONiC Distribution CX-N series switches MAC address table entries are divided into static MAC, dynamic MAC and blackhole MAC.

mac-address static HH:HH:HH:HH:HH:HH vlan vlan-id interface-type interface-name
#Configure a static MAC, and the interface type can be ethernet or link-aggregation.

mac-address static HH:HH:HH:HH:HH:HH vlan vlan-id blackhole #Configure blackhole MAC

mac-address timer aging seconds #Configure the aging time of dynamic MAC

interface interface-type interface-name # Enter interface view.
no mac-address learning # Disable MAC address learning.

Note：When a device receives a large number of forged packets with different source MAC addresses, the capacity of the MAC address table may be exceeded, resulting in the inability to perform MAC learning. MAC configuration function of turning off the MAC address learning can effectively prevent this attack.

vlan vlan-id # Enter vlan view.
no mac-address learning # Disable MAC address learning.

interface interface-type interface-name #Enter interface view, interface type can be ethernet or vlan.
mac-limit number number # Configure the MAC table parameters of the interface, range:1~131072.

interface interface-type interface-name[.subinterface-number]
# Enter interface view, interface type can be ethernet、vlan or link-aggregation.
mac-address HH:HH:HH:HH:HH:HH #Configure the MAC address of the interface.

There are two user hosts PC1 and PC2. The MAC address of PC1 is E2:8C:56:85:4A:11, which belongs to VLAN100. It is connected to the switch port Ethernet 0/1. It is required to add an entry for PC1 in the MAC table of the device. Static entry. The MAC address of PC2 is A0:1B:5E:47:C9:08, which belongs to VLAN 100 and is connected to the device port Ethernet 0/2. Due to illegal operations, a blackhole MAC entry is required to be added to the switch, making PC2 unable to access the Internet. Configure the device’s dynamic MAC table entry aging time to 600s. use MAC configuration to do this.

PC1 can ping the gateway, but PC2 cannot ping the gateway.

CX-N series switches
CX-M series switches

If you have more technical questions, feel free to propose a ticket on our  https://help.cloudswit.ch/portal/en/signin