Block suspect Layer2 traffic on Routers & Switches

glitchlist Uncategorized Leave a Comment

How do I block a suspect mac-address on a customer edge router or switch? On Huawei exists a command that reminds me of the shun option on Cisco ASA:

mac-address blackhole mac-address { vlan vlan-id | vsi vsi-name }
#  Example:
mac-address blackhole 0050-56c0-fb47 vlan 1

Works both in VLAN and VPLS environment.

Leave a Reply

Your email address will not be published. Required fields are marked *