ethernet-service access-group
To control access to an interface, use the ethernet-service access-group command in interface configuration
mode. To remove the specified access group, use the no form of the command.
ethernet-service access-group access-list-name {ingress| egress}
no ethernet-service access-group access-list-name {ingress| egress}
Syntax Description
Name of an Ethernet services access list as specified by the
ethernet-service access-list command.
access-list-name
Filters on inbound packets.ingress
Filters on outbound packets.egress
Command Default
The interface does not have an Ethernet services access list applied to it.
Command Modes
Interface configuration
Command History
ModificationRelease
This command was introduced.Release 3.7.2
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes appropriate task
IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator
for assistance.
Use the ethernet-service access-group command to control access to an interface. To remove the specified
access group, use the no form of the command. Use the acl-name argument to specify a particular Ethernet
services access list. Use the ingress keyword to filter on inbound packets or the egress keyword to filter on
outbound packets.
If the list permits the addresses, the software continues to process the packet. If the access list denies the
address, the software discards the packet and returns a host unreachable message.
If the specified access list does not exist, all packets are passed.
By default, the unique or per-interface ACL statistics are disabled.
Task ID
OperationsTask ID
read, writeacl
Cisco ASR 9000 Series Aggregation Services Router VPN and Ethernet Services Command Reference, Release
6.1.x
653
Layer 2 Access List Commands
ethernet-service access-group
To Next Page
Loading...
Need help?
General
