EasyManuals Logo

Ruijie RG-WLAN Series User Manual

Ruijie RG-WLAN Series
1243 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #911 background imageLoading...
Page #911 background image
Configuration Guide Configuring ACL
Protocol
ID Range
MAC extended ACL
700799
Typical rules defined in an MAC extended ACL include:
Source MAC address
Destination MAC address
Ethernet protocol type
The MAC extended ACL (ID range: 700799) is used to filter packets based on the source or destination MAC address and
the Ethernet type in the packets.
For an individual MAC extended ACL, multiple independent ACL statements can be used to define multiple rules. All
statements reference the same ID or name so that these statements are bound with the same ACL. However, more
statements mean that it is increasingly difficult to read and understand the ACL.
If ACEs in an MAC extended ACL are not defined specifically for IPv6 packets, that is, the Ethernet type is not specified
or the value of the Ethernet type field is not 0x86dd, the MAC extended ACL does not filter IPv6 packets. If you want to
filter IPv6 packets, use the IPv6 extended ACL.
Implicit "Deny All Traffic" Rule Statement
At the end of every MAC extended ACL is an implicit "deny all traffic" rule statement. Therefore, if a packet does not match
any rule, the packet will be denied.
For example:
access-list 700 permit host 00d0.f800.0001 any
This ACL permits only packets from the host with the MAC address 00d0.f800.0001, and denies packets from all other hosts.
This is because the following statement exists at the end of this ACL: access-list 700 deny any any.
Related Configuration
Configuring an MAC Extended ACL
By default, no MAC extended ACL is configured on a device.
Run the mac access-list extended {acl-name | acl-id } command in global configuration mode to create an MAC extended
ACL and enter MAC extended ACL mode.
Adding ACEs to an MAC Extended ACL
By default, a newly created MAC extended ACL contains an implicit ACE that denies all L2 packets. This ACE is hidden from
users, but takes effect when the ACL is applied to an interface. That is, all L2 packets will be discarded. Therefore, if you
want the device to receive or send some specific L2 packets, add some ACEs to the ACL.
You can add ACEs to an MAC extended ACL as follows:

Table of Contents

Other manuals for Ruijie RG-WLAN Series

Preview: Rgos Command Reference
Rgos Command Reference657 pages
Preview: Configuration Guide
Configuration Guide712 pages
Preview: Web-Based Configuration Guide
Web-Based Configuration Guide71 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Ruijie RG-WLAN Series and is the answer not in the manual?

Ruijie RG-WLAN Series Specifications

General IconGeneral
BrandRuijie
ModelRG-WLAN Series
CategoryWireless Access Point
LanguageEnglish

Related product manuals