HCIE must know: Scenarios for MAC address drift

I previously talked about MAC address drift and introduced the concept. Today, I will briefly introduce the application scenarios of MAC drift.

First of all, MAC address drift protection can be used to prevent attacks by illegal users. For example, in an enterprise network, a user needs to access the enterprise server. If an illegal user forges the server's MAC address and sends packets from another interface, the server's MAC address will be learned on that other interface. Messages sent by the user to the server will then be delivered to the illegal user, which not only causes the user to fail to communicate with the server but also allows important user information to be stolen.

To prevent unauthorized users from forging the server's MAC address to attack the Switch, the MAC anti-drift function can be configured on the Switch. It sets the MAC learning priority of legitimate users higher than that of unauthorized users, so that an attack by an unauthorized user does not cause the outbound interface of the MAC address to drift.

Second, MAC drift detection can be used to quickly detect and locate loops.

When a loop occurs in the network, MAC address drift must occur at the fault point on the loop. Using this phenomenon, you can quickly determine whether there is a loop in the network.

When any of the following phenomena occurs on the device, you can enable the MAC drift detection function to determine whether it is caused by a loop:

MAC address table entries are sometimes missing.

Ping operations fail.

CPU usage increases, and an alarm is generated because the threshold is exceeded.
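
Both scenarios can be modelled together. The following is an added example, not code from the original post or from any vendor: it replays a constructed list of MAC learning events through a simplified table in which a lower-priority port cannot take over an entry, and a MAC that drifts repeatedly between equal-priority ports within a short window is reported as a possible loop. The port names, priorities, threshold and window are assumptions.

```python
from collections import defaultdict

# Constructed sample learning events (time_s, vlan, mac, port); not real switch output.
EVENTS = [
    (0, 10, "00e0-fc00-0001", "GE0/0/1"),  # server learned on its real port
    (1, 10, "00e0-fc00-0001", "GE0/0/2"),  # same MAC claimed from another port
    (2, 10, "00e0-fc00-0002", "GE0/0/3"),
    (3, 10, "00e0-fc00-0002", "GE0/0/4"),  # this MAC now bounces between
    (4, 10, "00e0-fc00-0002", "GE0/0/3"),  # two ports, as it would at the
    (5, 10, "00e0-fc00-0002", "GE0/0/4"),  # fault point of a loop
]
# Assumed learning priorities: higher wins, unlisted ports default to 0.
PRIORITY = {"GE0/0/1": 3}


def replay(events, priority, loop_threshold=3, window_s=10):
    """Replay learning events through a simplified MAC table.

    Returns (table, blocked, loop_suspects).
    """
    table = {}                  # (vlan, mac) -> port currently holding the entry
    moves = defaultdict(list)   # (vlan, mac) -> times of accepted drifts
    blocked = []                # (time, mac, kept_port, rejected_port)
    for t, vlan, mac, port in events:
        key = (vlan, mac)
        current = table.get(key)
        if current is None or current == port:
            table[key] = port   # first learn or refresh: no drift
            continue
        if priority.get(port, 0) < priority.get(current, 0):
            blocked.append((t, mac, current, port))  # lower priority cannot override
            continue
        table[key] = port       # equal or higher priority: the entry drifts
        moves[key].append(t)
    suspects = []
    for (vlan, mac), times in moves.items():
        # loop_threshold or more drifts inside one window suggests a loop
        if any(sum(1 for u in times if 0 <= u - s < window_s) >= loop_threshold
               for s in times):
            suspects.append(mac)
    return table, blocked, sorted(suspects)


if __name__ == "__main__":
    table, blocked, suspects = replay(EVENTS, PRIORITY)
    print("blocked:", blocked)
    print("loop suspects:", suspects)
```
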

