C613-50055-01 REV A Command Reference for x230 Series Edge Switches 685
AlliedWare Plus™ Operating System - Version 5.4.5-0.x
IPV4 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS
ACCESS
-LIST (HARDWARE MAC NUMBERED)
Mode Global Configuration
Default Any traffic on an interface controlled by a hardware ACL that does not explicitly
match a filter is permitted.
Usage This command creates an access-list for use with hardware classification, such as
when applying QoS. The <4000-4699> range MAC hardware access-list will match
on packets that have the specified source and destination MAC addresses. You
may apply the any parameter if the source or destination MAC host address is not
important.
NOTE: Hardware ACLs will permit access unless explicitly denied by an ACL action.
Examples To create an access-list that will permit packets with a MAC address of
0000.00ab.1234 and any destination address enter the commands:
awplus# configure terminal
awplus(config)# access-list 4000 permit 0000.00ab.1234
0000.0000.0000 any
To create an access-list that will permit packets with an initial MAC address
component of 0000.00ab and any destination address, enter the commands:
awplus# configure terminal
awplus(config)# access-list 4001 permit 0000.00ab.1234
0000.0000.FFFF any
<destination-mac-
mask>
The mask that will be applied to the destination MAC
addresses.
Enter this in the format <HHHH.HHHH.HHHH>
where each H is a hexadecimal number that represents
a 4 bit binary number. For a mask, each value will be
either 0 or F. Where Hex FF = Ignore, and Hex 00 =
Match.
any Any destination MAC address.
vlan Specifies that the ACL will match on the ID in the
packet’s VLAN tag.
<1-4094> The VLAN VID.
inner-vlan This parameter is used within double-tagged VLANs. It
is the inner VLAN tag (VID); sometimes referred to as
the C-TAG (Customer VLAN TAG), where the vlan VID
tag is referred to as the S-TAG (Service VLAN TAG).
<1-4094> The inner VLAN VID.
Parameter Description
To Next Page
Loading...
