Cisco Nexus 5500 Series - lacp system-priority

Cisco Nexus 5500 Series

378 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

90

Cisco Nexus 5500 Series NX-OS Security Command Reference

OL-27883-02

Chapter D Commands

deny (MAC)

deny (MAC)

To create a Media Access Control (MAC) access control list (ACL)+ rule that denies traffic matching its

conditions, use the deny command. To remove a rule, use the no form of this command.

[sequence-number] deny source destination [protocol] [cos cos-value] [vlan vlan-id]

no deny source destination [protocol] [cos cos-value] [vlan vlan-id]

no sequence-number

Syntax Description

Command Default A newly created MAC ACL contains no rules.

If you do not specify a sequence number, the switch assigns the rule a sequence number that is 10 greater

than the last rule in the ACL.

Command Modes MAC ACL configuration mode

sequence-number (Optional) Sequence number of the deny command, which causes the switch

to insert the command in that numbered position in the access list. Sequence

numbers maintain the order of rules within an ACL.

A sequence number can be any integer between 1 and 4294967295.

By default, the first rule in an ACL has a sequence number of 10.

If you do not specify a sequence number, the switch adds the rule to the end

of the ACL and assigns to it a sequence number that is 10 greater than the

sequence number of the preceding rule.

Use the resequence command to reassign sequence numbers to rules.

source Source MAC addresses that the rule matches. For details about the methods

that you can use to specify this argument, see “Source and Destination” in

the “Usage Guidelines” section.

destination Destination MAC addresses that the rule matches. For details about the

methods that you can use to specify this argument, see “Source and

Destination” in the “Usage Guidelines” section.

protocol (Optional) Protocol number that the rule matches. Valid protocol numbers

are 0x0 to 0xffff. For listings of valid protocol names, see “MAC Protocols”

in the “Usage Guidelines” section.

cos cos-value (Optional) Specifies that the rule matches only packets whose IEEE 802.1Q

header contains the class of service (CoS) value given in the cos-value

argument. The cos-value argument can be an integer from 0 to 7.

vlan vlan-id (Optional) Specifies that the rule matches only packets whose IEEE 802.1Q

header contains the VLAN ID given. The vlan-id

argument can be an integer

from 1 to 4094.

Table of Contents

Other manuals for Cisco Nexus 5500 Series

Command Reference Guide460 pages

Configuration Guide160 pages

Related product manuals

Cisco Nexus 5596

Preview: Cisco Nexus 5548P

Cisco Nexus 5548P

Preview: Cisco Nexus 5548UP

Cisco Nexus 5548UP

Preview: Cisco Nexus 5596UP

Cisco Nexus 5596UP

Preview: Cisco Nexus 5010

Cisco Nexus 5010

Preview: Cisco Nexus 5000 Series

Cisco Nexus 5000 Series

Preview: Cisco Nexus 5600 Series

Cisco Nexus 5600 Series

AP775A - Nexus Converged Network Switch 5010

Preview: Cisco Nexus 9504

Cisco Nexus 9504

Preview: Cisco Nexus 7000

Cisco Nexus 7000

Cisco Nexus 3064

Preview: Cisco Nexus 9508

Cisco Nexus 9508