7 mac access control list (acl) commands, 1 mac access-list extended, 2 mac access-list extended rename – Kontron AT890X Full-Size CLI User Manual

Page 190: 7 mac access control list (acl) commands - 24, Mac access-list extended - 24, Mac access-list extended rename - 24

Advertising
background image

Quality of Service (QoS) Commands

AT8901/2/3

AT8901/2/3 CLI Reference Manual

Page 4 - 24

4.7

MAC Access Control List (ACL) Commands

This section describes the commands you use to configure MAC ACL settings. MAC
ACLs ensure that only authorized users have access to specific resources and block any
unwarranted attempts to reach network resources.

The following rules apply+-to MAC ACLs:

The maximum number of ACLs you create is 100, regardless of type.

The system supports only Ethernet II frame types.

The maximum number of rules per MAC ACL is hardware dependent.

For the Broadcom 5630x platform, if you configure an IP ACL on an interface, you
cannot configure a MAC ACL on the same interface.

4.7.1

mac access-list extended

This command creates a MAC Access Control List (ACL) identified by

<name>

,

consisting of classification fields defined for the Layer 2 header of an Ethernet frame.
The

<name>

parameter is a case-sensitive alphanumeric string from 1 to 31 characters

uniquely identifying the MAC access list.

If a MAC ACL by this name already exists, this command enters Mac-Access-List
config mode to allow updating the existing MAC ACL.

NOTE: The CLI mode changes to Mac-Access-List Config mode when you

successfully execute this command.

Format

mac access-list extended <name>

Mode

Global Config

4.7.1.1

no mac access-list extended

This command deletes a MAC ACL identified by

<name>

from the system.

Format

no mac access-list extended <name>

Mode

Global Config

4.7.2

mac access-list extended rename

This command changes the name of a MAC Access Control List (ACL). The

<name>

parameter is the name of an existing MAC ACL. The

<newname>

parameter is a case-

sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC
access list.

This command fails if a MAC ACL by the name

<newname>

already exists.

Format

mac access-list extended rename <name> <newname>

Mode

Global Config

Advertising
Popular Brands
Popular manuals