Applying a Layer 2 ACL to a Service Instance
Perform this task to apply a Layer 2 ACL to a service instance. Note that packet filtering takes place only
after the ACL has been created and applied to the service instance.
Before You Begin
Before applying an ACL to a service instance, you must create it using the mac access-list extended command.
See the “Creating a Layer 2 ACL” section.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
interface type number
4.
service instance id ethernet
5.
encapsulation dot1q vlan-id
6.
mac access-group access-list-name in
7.
bridge -domain bridge-id in
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
Device> enable
•
Enter your password if prompted.
Enters global configuration mode.configure terminal
Example:
Device# configure terminal
Step 2
Specifies the type and location of the interface to configure,
where:
interface type number
Example:
Device(config)# interface gigabitethernet 1/0/0
Step 3
•
type --Specifies the type of the interface.
•
number --Specifies the location of the interface.
Configures an Ethernet service instance on an interface and
enters Ethernet service configuration mode.
service instance id ethernet
Example:
Device(config-if)# service instance 100
ethernet
Step 4
Layer 2 Configuration Guide for Cisco NCS 4200 Series
28
Layer 2 Access Control Lists on EVCs
Applying a Layer 2 ACL to a Service Instance
To Next Page
Loading...
