Hi vakas10,
Yes that works. Please note that you might have to clear the ethernet-switching table as a best practice after making the MAC limit config change, so it's better to make the change in a low business time or a short maintenance if you will.
Please also keep the new (ELS) command "clear ethernet-switching recovery-timeout interface <>" handy for any interfaces shut by the MAC limit rule :).
Here is a quick test for your reference:
{master:0}
root@EX3400> show configuration switch-options
Apr 03 15:41:21
interface test {
interface-mac-limit {
1;
packet-action shutdown;
}
}
{master:0}
root@EX3400> show configuration interfaces interface-range test
Apr 03 15:41:28
member-range xe-0/2/2 to xe-0/2/3;
{master:0}
root@EX3400> show version
Apr 03 15:41:32
fpc0:
--------------------------------------------------------------------------
Hostname: EX3400
Model: ex3400-48t
Junos: 18.4R1.8
root@EX3400> show log messages | grep limit
Apr 3 13:53:27 EX3400 l2ald[16336]: L2ALD_MAC_LIMIT_REACHED_IF: Limit on learned MAC addresses reached for xe-0/2/2.0; current count is 1
Apr 3 13:53:28 EX3400 l2ald[16336]: L2ALD_MAC_LIMIT_RESET_IF: Resumed adding MAC addresses learned by xe-0/2/2.0; current count is 0
Apr 3 13:53:28 EX3400 l2ald[16336]: L2ALD_MAC_LIMIT_REACHED_IF: Limit on learned MAC addresses reached for xe-0/2/2.0; current count is 1
Apr 3 13:53:29 EX3400 l2ald[16336]: L2ALD_MAC_LIMIT_EXCEEDED_BLOCK: Limit on learned MAC addresses exceeded for xe-0/2/2.0; current count is 1 SHUTTING THE INTERFACE
Apr 3 13:53:29 EX3400 l2ald[16336]: L2ALD_MAC_LIMIT_RESET_IF: Resumed adding MAC addresses learned by xe-0/2/2.0; current count is 0
{master:0}
root@EX3400> show interfaces xe-0/2/2 terse
Apr 03 15:42:53
Interface Admin Link Proto Local Remote
xe-0/2/2 up down
xe-0/2/2.0 up down eth-switch
{master:0}[edit]
root@EX3400# rollback 1
Apr 03 15:41:49
load complete
{master:0}[edit]
root@EX3400# show | compare
Apr 03 15:41:51
[edit interfaces]
- interface-range test {
- member-range xe-0/2/2 to xe-0/2/3;
- }
[edit]
- switch-options {
- interface test {
- interface-mac-limit {
- 1;
- packet-action shutdown;
- }
- }
- }
{master:0}[edit]
root@EX3400# commit and-quit
Apr 03 15:42:02
{master:0}
root@EX3400> show interfaces xe-0/2/2 terse
Apr 03 15:42:53
Interface Admin Link Proto Local Remote
xe-0/2/2 up down
xe-0/2/2.0 up down eth-switch
{master:0}
root@EX3400> clear ethernet-switching recovery-timeout interface xe-0/2/2
Apr 03 15:43:09
{master:0}
root@EX3400> show ethernet-switching table
Apr 03 15:43:12
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 2 entries, 2 learned
Routing instance : default-switch
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
default 00:11:aa:23:b5:08 D - xe-0/2/2.0 0 0
default 00:11:aa:6d:a0:0a D - ae6.0 0 0
Hope this helps.
Regards,
-r.
--------------------------------------------------
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated :).