vacationslaha.blogg.se

Mikrotik vlan firewall

Enables or disables IPv6 Hardware Offloading. Since IPv6 routes occupy a lot of HW memory, enable it only if IPv6 traffic speed is significant enough to benefit from hardware routing.

icmp-reply-on-error ( yes | no Default: yes )
Since the hardware cannot send ICMP messages, the packet must be redirected to the CPU to send an ICMP reply in case of an error (e.g., "Time Exceeded", "Fragmentation required", etc.). Enabling icmp-reply-on-error helps with network diagnostics but may open potential vulnerabilities for DDoS attacks. Disabling icmp-reply-on-error silently drops the packets on the hardware level in case of an error.

fasttrack-hw ( yes | no Default: yes (if supported) )
Enables or disables FastTrack HW Offloading. Keep it enabled unless HW TCAM memory reservation is required, e.g., for dynamic switch ACL rules creation. Not all switch chips support FastTrack HW Offloading (see hw-supports-fasttrack).

For Inter-VLAN routing, the bridge interface must be a tagged member of every routable /interface/bridge/vlan/ entry.

HW MAC Address Range Limitation (DX2000/DX3000 series only)

Marvell Prestera DX2000 and DX3000 switch chips have a hardware limitation that allows configuring only the last (least significant) octet of the MAC address for each interface. The other five (most significant) octets are configured globally and, therefore, must be equal for all interfaces (switch ports, bridge, VLANs). In other words, the MAC addresses must be in the format "XX:XX:XX:XX:XX:?", where the "XX:XX:XX:XX:XX" part is common for all interfaces. This requirement applies only to Layer 3 (routing). Layer 2 (bridging) does not use the switch's ethernet addresses. Moreover, it does not apply to bridge ports because they use the bridge's MAC address. The requirement for common five octets applies to:
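
The common five-octet rule for DX2000/DX3000 chips can be checked against an interface inventory before hardware routing is enabled. The Python sketch below is an added example, not part of the original page or of any MikroTik tooling; the interface names, MAC addresses and the is_bridge_port flag are constructed for illustration.

```python
import re
from collections import Counter

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")

def mac_prefix(mac):
    """Return the five most significant octets in upper-case colon form."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(re.split("[:-]", mac.upper())[:5])

def check_l3hw_macs(interfaces):
    """interfaces: list of (name, mac, is_bridge_port) tuples (hypothetical shape).

    Bridge ports are skipped because they use the bridge's MAC address.
    Returns (common_prefix, offenders): the most frequent five-octet prefix
    and the sorted names of interfaces whose prefix differs from it.
    """
    routed = [(name, mac_prefix(mac))
              for name, mac, is_bridge_port in interfaces
              if not is_bridge_port]
    if not routed:
        return None, []
    common, _count = Counter(p for _, p in routed).most_common(1)[0]
    offenders = sorted(name for name, p in routed if p != common)
    return common, offenders

# Constructed sample inventory (locally administered addresses).
SAMPLE = [
    ("bridge1", "02:00:5E:10:20:01", False),
    ("vlan10",  "02:00:5E:10:20:0A", False),
    ("vlan20",  "02-00-5e-10-20-14", False),  # same prefix, different notation
    ("vlan30",  "02:00:5E:10:21:1E", False),  # fifth octet differs: violates the rule
    ("ether5",  "02:00:5E:99:99:05", True),   # bridge port: exempt
]

if __name__ == "__main__":
    prefix, bad = check_l3hw_macs(SAMPLE)
    print(f"common prefix: {prefix}")
    for name in bad:
        print(f"{name}: MAC does not share the common five octets")
```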













