2-410
Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.4.0SG and IOS 15.1(2)SG)
OL-27596 -01
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
mac access-list extended
mac access-list extended
To define the extended MAC access lists, use the mac access-list extended command. To remove the
MAC access lists, use the no form of this command.
mac access-list extended name
no mac access-list extended name
Syntax Description
Defaults MAC access lists are not defined.
Command Modes Global configuration mode
Command History
Usage Guidelines When you enter the ACL name, follow these naming conventions:
• Maximum of 31 characters long and can include a-z, A-Z, 0-9, the dash character (-), the underscore
character (_), and the period character (.)
• Must start with an alpha character and must be unique across all ACLs of all types
• Case sensitive
• Cannot be a number
• Must not be a keyword; keywords to avoid are all, default-action, map, help, and editbuffer
When you enter the mac access-list extended name command, you use the following subset to create or
delete entries in a MAC layer access list:
[no] {permit | deny} {{src-mac mask | any} [dest-mac mask]} [protocol-family {appletalk |
arp-non-ipv4 | decnet | ipx | ipv6 | rarp-ipv4 | rarp-non-ipv4 | vines | xns} | <arbitrary ethertype> |
name-coded ethertype].
Table 2-10 describes the syntax of the mac access-list extended subcommands.
name ACL to which the entry belongs.
Release Modification
12.1(12c)EW Support for this command was introduced on the Catalyst 4500 series switch.
Table 2-10 mac access-list extended Subcommands
Subcommand Description
any Specifies any source-host or destination-host.
arbitrary ethertype (Optional) Specifies an arbitrary ethertype in the range 1536 to 65535
(Decimal or Hexadecimal)
deny Prevents access if the conditions are matched.