Chapter 9
| Access Control Lists
MAC ACLs
– 335 –
Command Usage
◆ When you create a new ACL or enter configuration mode for an existing ACL,
use the permit or deny command to add new rules to the bottom of the list.
◆ To remove a rule, use the no permit or no deny command followed by the
exact text of a previously configured rule.
◆ A MAC ACL can contain up to 45 rules.
Example
Console(config)#access-list mac jerry
Console(config-mac-acl)#
Related Commands
permit, deny (336)
mac access-group (338)
show mac access-list (339)
mac access-group This command binds a MAC ACL to all ports. Use the no form to remove the
binding.
Syntax
mac access-group acl-name in
[time-range time-range-name] [counter]
acl-name – Name of the ACL. (Maximum length: 16 characters)
in – Indicates that this list applies to ingress packets.
time-range-name - Name of the time range. (Range: 1-30 characters)
counter – Enables counter for ACL statistics.
Default Setting
None
Command Mode
Global Configuration
Command Usage
If an MAC ACL is already bound to all ports and you bind a different MAC ACL to it,
the switch will replace the old binding with the new one.
Example
Console(config-if)#mac access-group jerry in
Console(config-if)#
To Next Page
Loading...
