DXS-3600 Series 10GbE Layer 2/3 Switch CLI Reference Guide
24
3-8 permit | deny (mac access-list)
Use the
permit
command to add a permit entry. Use the
deny
command to add a deny entry. Use the no command to
remove an entry.
[
sn
] {permit | deny} {
source-mac-address mask
| host
source-mac-address
| any} {
destination-mac-address mask
| host
destination-mac-address
| any} [
ethernet-type
] [cos
out
[inner
in
]]
no
sn
Parameters
Usage Guideline
Extended MAC ACL only filters the Non-IP packet. The name must be unique among
all (including MAC, IP, IPv6 or Expert) access-lists and the first character of name
must be a letter.
When creating an ACL through the assignment of a name, an ID will be assigned
automatically. The ID assignment rule will start from the maximum ID of 7999 and
decrease by 1 for envery new ACL created.
When creating an ACL through the assignment of an ID, a name will be assigned
automatically. The name assignment rule is ‘ext-mac’ + “-” + ID. If this name conflicts
with the name of an existing ACL, then it will be renamed based on the following rule:
‘ext-mac’ + “-” + ID +”alt”.
Example
This example shows how to create an extended MAC ACL.
DXS-3600-32S#configure terminal
DXS-3600-32S(config)#mac access-list extended 6001
DXS-3600-32S(config-mac-nacl)#end
DXS-3600-32S#show access-list
Extended IP access list 3999 ext_ipv6
10 permit ip any any
Extended MAC access list 6001 ext-mac-6001
DXS-3600-32S#
sn
(Optional) Specifies the ACE sequence number. This number must be between 1
and 65535.
source-mac-address
Specifies the source MAC address.
destination-mac-address
Specifies the destination MAC address.
mask
Specifies the MAC address mask.
any
Means any source or destination MAC address.
ethernet-type
(Optional) Specifies the Ethernet type as a pair of hexadecimal numbers and the
mask (from 0x0 to 0xFFFF) or the name of the Ethernet type. Names that can be
used are 'arp', 'aarp', 'appletalk', 'decnet-iv', 'etype-6000', 'etype-8042', 'lat', 'lavc-
sca', 'mop-console', 'mop-dump', 'vines-echo', 'vines-ip', 'xns-idp'.
cos
out
Specifies the out priority value used. This value must be between 0 and 7.
inner
in
(Optional) Specifies the inner priority value used. This value must be between 0 and
7.
Default
None.
Command Mode
Extended MAC Access-list Configuration Mode.
Command Default Level
Level: 12
Usage Guideline
A sequence number will be assigned automatically if the user did not assign it
manually. Automatic assignment of sequence numbers will start from 10 and
increase by 10 for every new entry created.
Summary of Contents for DXS-3600-16S
Page 1: ...CLI Reference Guide Product Model DXS 3600 Series Layer 2 3 Managed 10GbE Switch Release 1 10 ...
Page 232: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 224 ...
Page 301: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 293 ...
Page 349: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 341 ...
Page 494: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 486 ...
Page 564: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 556 ...
Page 649: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 641 ...