Configuring MAC ACLs
Creating a MAC ACL
You can create a MAC ACL and add rules to it.
SUMMARY STEPS
1. configure terminal
2. mac access-list name
3. {permit | deny} source destination-protocol
4. (Optional) statistics per-entry
5. (Optional) show mac access-lists name
6. (Optional) copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Creates the MAC ACL and enters ACL configuration mode.
mac access-list name
Example:
Step 2
switch(config)# mac access-list acl-mac-01
switch(config-mac-acl)#
Creates a rule in the MAC ACL.
{permit | deny} source destination-protocol
Step 3
Example:
The permit and deny commands support many ways of
identifying traffic.
switch(config-mac-acl)# 100 permit mac
00c0.4f00.0000 0000.00ff.ffff any 0x0806
Specifies that the device maintains global statistics for
packets that match the rules in the ACL.
(Optional) statistics per-entry
Example:
Step 4
switch(config-mac-acl)# statistics per-entry
Displays the MAC ACL configuration.
(Optional) show mac access-lists name
Example:
Step 5
switch(config-mac-acl)# show mac access-lists
acl-mac-01
Copies the running configuration to the startup
configuration.
(Optional) copy running-config startup-config
Example:
Step 6
switch(config-mac-acl)# copy running-config
startup-config
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
287
Configuring MAC ACLs
Configuring MAC ACLs
To Next Page
Loading...
