CHAPTER 11
Configuring MAC ACLs
This chapter describes how to configure MAC access lists (ACLs) on Cisco NX-OS devices.
This chapter contains the following sections:
• About MAC ACLs, on page 285
• Licensing Requirements for MAC ACLs, on page 286
• Guidelines and Limitations for MAC ACLs, on page 286
• Default Settings for MAC ACLs, on page 286
• Configuring MAC ACLs, on page 287
• Verifying the MAC ACL Configuration, on page 293
• Monitoring and Clearing MAC ACL Statistics, on page 293
• Configuration Example for MAC ACLs, on page 294
• Additional References for MAC ACLs, on page 294
About MAC ACLs
MAC ACLs are ACLs that use information in the Layer 2 header of packets to filter traffic. MAC ACLs share
many fundamental concepts with IP ACLs, including support for virtualization.
MAC Packet Classification
MAC packet classification allows you to control whether a MAC ACL that is on a Layer 2 interface applies
to all traffic entering the interface, including IP traffic, or to non-IP traffic only.
Effect on InterfaceMAC Packet Classification
State
• A MAC ACL that is on the interface applies to all traffic entering the
interface, including IP traffic.
• You cannot apply an IP port ACL on the interface.
Enabled
• A MAC ACL that is on the interface applies only to non-IP traffic
entering the interface.
• You can apply an IP port ACL on the interface
Disabled
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
285
To Next Page
Loading...
