Showing results for 
Search instead for 
Did you mean: 

Why disable mac address learning ??


Can anyone make me clear, what are the normal scenarios needed to disable mac address learning on a particular port or on particular vlan ?


Philip D'Ath

You would do this if you enjoy pain and spending hours performing simple jobs.

Cisco Employee

Hi Mithun,

LAN switches use forwarding tables (Layer 2 (L2) tables, Content Addressable Memory (CAM) tables) to direct traffic to specific ports based on the VLAN number and the destination MAC address of the frame. When there is no entry corresponding to the frame's destination MAC address in the incoming VLAN, the (unicast) frame will be sent to all forwarding ports within the respective VLAN, which causes flooding.

The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on).

So to overcome the large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links.

Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned.

Hope this helps you to understand.



Can you have another look at the question asked. For what reason or reasons would you disable mac address learning?
You have made a good case as to why it is important to use mac address learning.
The question is why on earth would you disable it - on purpose?

I think maybe you misunderstood the question.  You made a great case for why it is important to use mac address learning.

The question asked however is why on earth would anyone disable mac address learning on purpose?

to my understand, prior to disable mac address learning we should statically assign a mac addr to the interface, once done no other mac address will be learnt on that interface thus improve the network security.


One scenario (if not the only) is to free up some space in the MAC table.


Be aware though, doing so causes flooding. That's why it is recommanded to do it on a VLAN with two ports only. That way, when one port receives a frame, it is flooded to the other, and vice versa, and after all, this 'is' the behavior of a normal unicast frame forwarding  too.


However, disabling it on a VLAN with more than two ports may saturate your links.


I hope that answers your question. If anyone knows better feel free to correct me.




Oleksandr Y.

I am facing this little challenge actually, trying to implement unidirectional switching ... basically making all traffic go out one interface by default and come back on another. This is my original post where I asked the community ... it might explain what I am trying to achieve and maybe give an example of why would someone want to disable MAC Learning ? In simplest form I guess to have full control of the switching mechanism when you want to apply this theory to a very specific type of solution ... in normal networking it might not be of much use.
Recognize Your Peers
Content for Community-Ad