Sticky MAC

MAC addresses will be learned up until the Max MACs in the ACL has been exceeded and then it will no longer learn any further MAC addresses on that port. This allows you to set up the system for Sticky MAC on every port, plug in all the devices on the network, and once all the desired devices are learned, no further devices can be added to the network without manual actions or provisioning changes to the system.

Sticky MAC can also be used on ports with trusted servers to help limit the effect of DoS attacks on the system. This allows the advantages of statically configuring MACs without having to manually enter all the MAC addresses by hand.

The following example shows an ACL that is configured to allow a sticky MAC and only allows a single device to be attached to the port (Max MACs = 1). 

Sticky Mac Procedure   

1. Open a Panorama PON (EMS) session, click on the Profile button and the ACL tab.
2. Select the EMS ACL Create a new profile icon and name the ACL profile as StickyMac-1. 
3. Click on the Create Rule button and perform the following steps:
   
   
    

Step 1: Enter "Rule 1" in Rule Name entry box:

Step 2: Select "Basic ACL" from the ACL Type Dropdown

Step 3: Select "Permit" from the Action Dropdown

Step 4: Select "Sticky Mac" from the SourceMAC(s) dropdown

Step 5: Click on the Add button to add the Source MAC to the source window

Step 6: Select the "Sticky Mac" entry in the Source Window

Step 7: Enter "1" in the Max MAC(s) entry box

Step 8: Click on the Save button to save the rule profile

1. Click on the Apply button to add the ACL profile to the Profile Name window list.
2. After the Profile has been generated, the ACL status is displayed.  Click on the Close button to complete the ACL profile.

Previous   |   Next