deny (ES ACL)
To set conditions for an Ethernet services access list, use the deny command in Ethernet services access list
configuration mode. To remove a condition, use the no form of the command.
[ sequence-number ] deny { src-mac-address src-mac-mask | any | host | dest-mac-address dest-mac-mask }
[ ethertype-number | capture | vlan min-vlan-ID [ max-vlan-ID ] ] [ cos cos-value ] [ dei ] [ inner-vlan min-vlan-ID
[ max-vlan-ID ] ] [ inner-cos cos-value ] [ inner-dei ]
no sequence-number
Syntax Description
sequence-number
    (Optional) Number of the deny statement in the access list. This number
    determines the order of the statements in the access list. The number can be
    from 1 to 2147483646. (By default, the first statement is number 10, and the
    subsequent statements are incremented by 10.) Use the resequence access-list
    ethernet-service command to change the number of the first statement and
    increment subsequent statements of a configured access list.
src-mac-address
    Source MAC address in format H.H.H.
src-mac-mask
    Source MAC mask in format H.H.H.
any
    Denies any source MAC address and mask.
host
    Denies host with a specific host source MAC address and mask, in format
    H.H.H.
dest-mac-address
    Destination MAC address in format H.H.H.
dest-mac-mask
    Destination MAC mask in format H.H.H.
ethertype-number
    16-bit ethertype number in hexadecimal. Range is 0x1 to 0xffff.
capture
    (Optional) Captures packets using the traffic mirroring feature and copies this
    to a capture file.
vlan
    (Optional) Denies a specific VLAN or a range of VLANs.
min-vlan-ID
    ID for a specific VLAN or the beginning of a range of VLAN IDs.
max-vlan-ID
    (Optional) ID for the end of a range of VLAN IDs.
cos
    (Optional) Denies based on class of service value.
cos-value
    Class of service value. Range is from 0 to 7.
dei
    (Optional) Denies based on the setting of the discard eligibility indicator
    (DEI).
Cisco ASR 9000 Series Aggregation Services Router VPN and Ethernet Services Command Reference, Release
6.1.x
Layer 2 Access List Commands