Command Line Interface
7131553-KDU 137 365 Uen D 2006-06-16
• The precedence of the ACL rules applied to a packet is not determined
by order of the rules, but instead by the order of the masks; that is, the
first mask that matches a rule will determine the rule that is applied to a
packet.
Example
Related Commands
mask (MAC ACL) (section 7.8.14 on page 713)
mac access-group (section 7.8.16 on page 717)
7.8.14 mask (MAC ACL)
This command defines a mask for MAC ACLs. This mask defines the fields to
check in the packet header. Use the no form to remove a mask.
Syntax
[no] mask [pktformat]
{any | host | <source-bitmask>}
{any | host | <destination-bitmask>}
[vid [vid-bitmask]] [ethertype [ethertype-bitmask]]
• pktformat – Check the packet format field. (If this keyword must
be used in the mask, the packet format must be specified in ACL
rule to match.)
• any – Any address will be matched.
• host – The address must be for a single node.
• source-bitmask – Source address of rule must match this
bitmask.
• destination-bitmask – Destination address of rule must match
this bitmask.
• vid – Check the VLAN ID field.
Console(config)#access-list mac mask-precedence in
Console(config-mac-mask-acl)#
To Next Page
Loading...
