Chapter 10 | Access Control Lists
MAC ACLs
Command Usage
◆ When you create a new ACL or enter configuration mode for an existing ACL, use the permit or deny command to add new rules to the bottom of the list.
◆ To remove a rule, use the no permit or no deny command followed by the exact text of a previously configured rule.
◆ An ACL can contain up to 2048 rules.
Example
Console(config)#access-list mac jerry
Console(config-mac-acl)#
Related Commands
permit, deny (412)
mac access-group (Interface Configuration) (415)
show mac access-list (416)
mac access-group (Global Configuration)
This command binds a MAC ACL to all ports for ingress traffic. Use the no form to
remove this binding.
Syntax
mac access-group acl-name in [time-range time-range-name] [counter]
no mac access-group acl-name in
acl-name – Name of the ACL. (Maximum length: 32 characters)
in – Indicates that this list applies to ingress packets.
time-range-name – Name of the time range. (Range: 1-16 characters)
counter – Enables counter for ACL statistics.
Default Setting
None
Command Mode
Global Configuration
Command Usage
If an ACL is already bound to a port and you bind a different ACL to it, the switch
will replace the old binding with the new one.
Example
Console(config)#mac access-group jerry in
Console(config)#
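The replacement behaviour described under Command Usage can be checked before a change set is applied. The following Python script is an added example, not part of the switch documentation: it replays global-configuration lines using only the syntax shown above and reports the ACL left bound and any binding that was replaced. The names tom and office, and the handling of undefined ACLs and of a no form that names an unbound ACL, are assumptions.

```python
import re

# Patterns follow the Syntax section above; other commands are ignored.
PROMPT = re.compile(r"^Console\([^)]*\)#\s*")
DEFINE = re.compile(r"^access-list mac (\S+)$")
BIND = re.compile(r"^mac access-group (\S+) in(?: time-range (\S+))?( counter)?$")
UNBIND = re.compile(r"^no mac access-group (\S+) in$")

def audit(lines):
    """Replay config lines; return (effective global binding or None, findings)."""
    defined, bound, findings = set(), None, []
    for n, raw in enumerate(lines, 1):
        cmd = " ".join(PROMPT.sub("", raw.strip()).split())
        if m := DEFINE.match(cmd):
            defined.add(m.group(1))
        elif m := BIND.match(cmd):
            acl, trange, counter = m.groups()
            if len(acl) > 32 or (trange and len(trange) > 16):
                findings.append((n, "name exceeds the documented maximum length"))
                continue
            if acl not in defined:
                # Assumption: an ACL should be created before it is bound.
                findings.append((n, f"'{acl}' bound but never defined"))
            if bound and bound["acl"] != acl:
                # Documented behaviour: the new binding replaces the old one.
                findings.append((n, f"'{acl}' replaces '{bound['acl']}'"))
            bound = {"acl": acl, "time_range": trange, "counter": bool(counter)}
        elif m := UNBIND.match(cmd):
            if bound and bound["acl"] == m.group(1):
                bound = None
            else:
                # Assumption: a no form naming an unbound ACL changes nothing.
                findings.append((n, f"'{m.group(1)}' is not bound; nothing removed"))
    return bound, findings

# Constructed change set in the style of the examples above.
SAMPLE = [
    "Console(config)#access-list mac jerry",
    "Console(config)#access-list mac tom",
    "Console(config)#mac access-group jerry in",
    "Console(config)#mac access-group tom in time-range office counter",
    "Console(config)#no mac access-group jerry in",
]

if __name__ == "__main__":
    binding, notes = audit(SAMPLE)
    print("effective binding:", binding)
    for line_no, text in notes:
        print(f"line {line_no}: {text}")
```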