Under Switch Insights, the “MAC Limit Exceeded” event will be generated as long as the unauthorized device is connected, and it exceeds the configured MAC limit. You will see a warning on the switch page and a corresponding event on the Insights dashboard when the MAC limit is exceeded. If the maximum number of MACs have already been learned, then the frames are dropped and logged for any additional MACs. Under Switch Insights, the “MAC Limit Reset“ event will be displayed to confirm that the MAC address was cleared successfully. This is the same as using the following command from the CLI: “clear ethernet-switching table persistent-learning interface ge-0/0/2” Due note that if the device is still connected on the interface, its MAC address will be dynamically learned after a few minutes. A message will be displayed indicating which interfaces are being cleared. Only user roles Network Administrator and Super User will be able to clear the MAC.
To clear the MAC addresses learned on an interface, select the interface on the front panel. This is a persistent value that will remain unless the MAC address is cleared, or if the Persistent MAC feature is disabled.Ĭlearing Dynamically Learned MAC Addresses
The MAC Count field indicates how many MACs have been dynamically learned on the interface The chosen interface will now dynamically learn MAC addresses, by hovering your mouse over this interface, you can see the current MAC limit and the number of MACs learned after a few minutes.ħ. Map the interface from either the Port Configuration section, or by selecting ports from the Front panel display.Ħ. On the bottom, check Persistent (Sticky) MAC Learning box to enable the feature.ĥ. If a value not in this range is entered, the UI will respond with an error immediately and prevent saving the configuration.Ĥ. Only numeric values from the range 0-16383 is allowed. Note: The default value for the MAC Limit field is 0. In the example, we will use a value of 1. The MAC Limit field is the maximum amount of dynamically learned MAC address. This is to prevent a commit failure, as this combination is not allowed on JunOS.ģ. When Persistent MAC is enabled, the option to change port mode and to enable 802.1x authentication will be unavailable. Note: Persistent MAC learning cannot be enabled on a Trunk port, or on a port with 802.1X authentication enabled. Navigate to Switch/Network/Organization -> Port Profiles -> Add ProfileĢ. Please see below for an example configuration:ġ. Please do not enable this feature for Mist Access Point interfaces. This feature is intended for static wired clients. This feature can be enabled from the Mist Dashboard for ease and simplicity using Port Profiles from the Switch, Network and Organization tabs. After the maximum limit is reached, any device attempting to connect to the port will have their frames dropped and logged.įor more details, please refer to this page: You can set the maximum number of MAC addresses learned. When this feature is enabled, the switch will observe the incoming source MAC addresses on a configured port and dynamically learn/save this address to memory. Persistent (Sticky) MAC is a Layer 2 port security feature that prevents unauthorized devices from connecting to your network.