146
Cisco Nexus 5500 Series NX-OS Security Command Reference
OL-27883-02
Chapter M Commands
mac access-list
mac access-list
To create a Media Access Control (MAC) access control list (ACL) or to enter MAC access list
configuration mode for a specific ACL, use the mac access-list command. To remove a MAC ACL, use
the no form of this command.
mac access-list access-list-name
no mac access-list access-list-name
Syntax Description
Command Default No MAC ACLs are defined by default.
Command Modes Global configuration mode
Command History
Usage Guidelines Use MAC ACLs to filter non-IP traffic.
When you use the mac access-list command, the switch enters MAC access list configuration mode,
where you can use the MAC deny and permit commands to configure rules for the ACL. If the ACL
specified does not exist, the switch creates it when you enter this command.
Use the mac access-group command to apply the ACL to an interface.
Every MAC ACL has the following implicit rule as its last rule:
deny any any protocol
This implicit rule ensures that the switch denies the unmatched traffic, regardless of the protocol
specified in the Layer 2 header of the traffic.
Examples This example shows how to enter MAC access list configuration mode for a MAC ACL named
mac-acl-01:
switch(config)# mac access-list mac-acl-01
switch(config-acl)#
Related Commands
access-list-name Name of the MAC ACL, which can be up to 64 alphanumeric, case-sensitive
characters long.
Release Modification
5.2(1)N1(1) This command was introduced.
Command Description
deny (MAC) Configures a deny rule in a MAC ACL.
mac access-group Applies a MAC ACL to an interface.
To Next Page
Loading...
