Cisco Nexus 5500 Series - Permit (ARP)

Cisco Nexus 5500 Series

378 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

154

Cisco Nexus 5500 Series NX-OS Security Command Reference

OL-27883-02

Chapter P Commands

permit (ARP)

permit (ARP)

To create an ARP ACL rule that permits ARP traffic that matches its conditions, use the permit

command. To remove a rule, use the no form of this command.

General Syntax

[sequence-number] permit ip {any | host sender-IP | sender-IP sender-IP-mask} mac any

no sequence-number

no permit ip {any | host sender-IP | sender-IP sender-IP-mask} mac any

Syntax Description

Command Default None

Command Modes ARP ACL configuration mode

Command History

sequence-number (Optional) Sequence number of the permit command, which causes the device

to insert the command in that numbered position in the access list. Sequence

numbers maintain the order of rules within an ACL.

A sequence number can be any integer between 1 and 4294967295.

By default, the first rule in an ACL has a sequence number of 10.

If you do not specify a sequence number, the device adds the rule to the end of

the ACL and assigns a sequence number that is 10 greater than the sequence

number of the preceding rule.

Use the resequence command to reassign sequence numbers to rules.

ip Introduces the IP address portion of the rule.

any Specifies that any host matches the part of the rule that contains the any

keyword. You can use any to specify the sender IP address, target IP address,

sender MAC address, and target MAC address.

host sender-IP Specifies that the rules matches ARP packets only when the sender IP address

in the packet matches the value of the sender-IP argument. Valid values for the

sender-IP argument are IPv4 addresses in dotted-decimal format.

sender-IP

sender-IP-mask

IPv4 address and mask for the set of IPv4 addresses that the sender IP address

in the packet can match. The sender-IP and sender-IP-mask argument must be

in dotted-decimal format. Specifying 255.255.255.255 as the sender-IP-mask

argument is the equivalent of using the host keyword.

mac

Introduces the MAC address portion of the rule.

Release Modification

5.2(1)N1(1) This command was introduced.

Table of Contents

Other manuals for Cisco Nexus 5500 Series

Command Reference Guide460 pages

Configuration Guide160 pages

Related product manuals

Cisco Nexus 5596

Preview: Cisco Nexus 5548P

Cisco Nexus 5548P

Preview: Cisco Nexus 5548UP

Cisco Nexus 5548UP

Preview: Cisco Nexus 5596UP

Cisco Nexus 5596UP

Preview: Cisco Nexus 5010

Cisco Nexus 5010

Preview: Cisco Nexus 5000 Series

Cisco Nexus 5000 Series

Preview: Cisco Nexus 5600 Series

Cisco Nexus 5600 Series

AP775A - Nexus Converged Network Switch 5010

Preview: Cisco Nexus 9504

Cisco Nexus 9504

Preview: Cisco Nexus 7000

Cisco Nexus 7000

Cisco Nexus 3064

Preview: Cisco Nexus 9508

Cisco Nexus 9508