(Optional) Denies a specific VLAN ID or range of VLAN IDs for the inner
header.
inner-vlan
ID for a specific VLAN or the beginning of a range of VLAN IDs.
min-vlan-ID
(Optional) ID for the end of a range of VLAN IDs.
max-vlan-ID
(Optional) Denies based on inner header class of service value.inner-cos
Inner header class of service value. Range is from 0 to 7.
cos-value
(Optional) Denies based on inner header discard eligibility indicator.inner-dei
Command Default
There is no default condition under which a packet is denied passing the Ethernet services access list.
Command Modes
Ethernet services access list configuration
Command History
ModificationRelease
This command was introduced.Release 3.7.2
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes appropriate task
IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator
for assistance.
Use the deny command following the ethernet-service access-list command to specify conditions under
which a packet can pass the access list.
By default, the first statement in an access list is number 10, and the subsequent statements are incremented
by 10.
You can add permit or deny statements to an existing access list without retyping the entire list. To add a
new statement anywhere other than at the end of the list, create a new statement with an appropriate entry
number that falls between two existing entry numbers to indicate where it belongs.
If you want to add a statement between two consecutively numbered statements (for example, between lines
10 and 11), first use the resequence access-list ethernet-service, on page 660 command to renumber the first
statement and increment the entry number of each subsequent statement.
Task ID
OperationsTask ID
read, writeacl
Cisco ASR 9000 Series Aggregation Services Router VPN and Ethernet Services Command Reference, Release
6.1.x
651
Layer 2 Access List Commands
deny (ES ACL)
To Next Page
Loading...
Need help?
General
