Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring ACLs (Rev. 03)
Overview
© 2008 Foundry Networks, Inc
Page 44 of 50
VLAN 10
ether type access-group 520
Displaying Access Control Groups
The
show access-groups
command, in Privileged (Enable) mode, displays the Access Control
Groups configured on interfaces, aggregation groups and VLANs.
Command Syntax
device-name
#
show access-groups
Example
The following example displays the ACGs’ configuration per interface and per VLAN:
device-name
#
show access-groups
interface 1/1/1
ip access-group 100
mac access-group 401 option
rate-limit single-rate 64K 4K 4K exceed-action mark-yellow
interface 1/1/2
ip access-group 150
ether-type access-group 502
Configuration Examples
In the example shown in
Figure 11
, the inbound and outbound traffic for PC 1 is limited to 3 Mbps
for each direction. The inbound and outbound traffic for PC 2 is limited to 1 Mbps for each
direction. The rest of the traffic that will pass through the device will not be controlled.
Figure 11: Rate Limit over Interface Configuration Example
1. Set the access list for the traffic from PC1 to the server:
device-name
(config)#
access-list 100 permit ip 211.202.212.130/26 any
2. Set the access list for the traffic from the server to PC1: