CHAPTER 3
Layer 2 Access Control Lists on EVCs
The ability to filter packets in a modular and scalable way is important for both network security and network
management. Access Control Lists (ACLs) provide the capability to filter packets at a fine granularity. In
Metro Ethernet networks, ACLs are directly applied on Ethernet virtual circuits (EVCs).
Layer 2 Access Control Lists on EVCs is a security feature that allows packet filtering based on MAC
addresses. This module describes how to implement ACLs on EVCs.
•
Prerequisites for Layer 2 Access Control Lists on EVCs, page 25
•
Prerequisites for Layer 2 Access Control Lists on EVCs, page 25
•
Restrictions for Layer 2 Access Control Lists on EVCs, page 25
•
Information About Layer 2 Access Control Lists on EVCs, page 27
•
Configuration Examples for Layer 2 Access Control Lists on EVCs, page 32
Prerequisites for Layer 2 Access Control Lists on EVCs
•
Knowledge of how service instances must be configured.
•
Knowledge of extended MAC ACLs and how they must be configured.
Prerequisites for Layer 2 Access Control Lists on EVCs
•
Knowledge of how service instances must be configured.
•
Knowledge of extended MAC ACLs and how they must be configured.
Restrictions for Layer 2 Access Control Lists on EVCs
•
A maximum of 512 access control entries (ACEs) are allowed for a given ACL, with the limitation that
it does not exceed the maximum tcam entries.
Layer 2 Configuration Guide for Cisco NCS 4200 Series
25
To Next Page
Loading...
