4 mac access-group, 5 show mac access-lists, Mac access-group - 26 – Kontron AT890X Full-Size CLI User Manual

Page 192: Show mac access-lists - 26

Advertising
background image

Quality of Service (QoS) Commands

AT8901/2/3

AT8901/2/3 CLI Reference Manual

Page 4 - 26

For the Broadcom 5650x platform, the

mirror

parameter allows the traffic matching

this rule to be copied to the specified

<

unit/slot/port

>

, while the redirect parameter

allows the traffic matching this rule to be forwarded to the specified

<

unit/slot/port

>

.

The

assign-queue

and

redirect

parameters are only valid for a

permit

rule.

NOTE: The

mirror

and

redirect

parameters are not available on the Broad-

com 5630x platform.

NOTE: The special command form

{deny | permit}

any any

is used to

match all Ethernet layer 2 packets, and is the equivalent of the IP
access list “match every” rule.

Format

{deny|permit} {<srcmac> | any} {<dstmac> | any} [<etherty-
pekey> | <0x0600-0xFFFF>] [vlan {eq <0-4095>}] [cos <0-7>]
[[log] [assign-queue <queue-id>]] [{mirror | redirect}
<unit/slot/port>]

Mode

Mac-Access-List Config

4.7.4

mac access-group

This command attaches a specific MAC Access Control List (ACL) identified by

<name>

to an interface in a given direction. The

<name>

parameter must be the name of

an existing MAC ACL.

An optional sequence number may be specified to indicate the order of this mac access
list relative to other mac access lists already assigned to this interface and direction. A
lower number indicates higher precedence order. If a sequence number is already in
use for this interface and direction, the specified mac access list replaces the currently
attached mac access list using that sequence number. If the sequence number is not
specified for this command, a sequence number that is one greater than the highest
sequence number currently in use for this interface and direction is used.

This command specified in 'Interface Config' mode only affects a single interface,
whereas the 'Global Config' mode setting is applied to all interfaces. The 'Interface
Config' mode command is only available on platforms that support independent per-
port class of service queue configuration.

Format

mac access-group <name> in [sequence <1-4294967295>]

Modes

Global Config
Interface Config

4.7.4.1

no mac access-group

This command removes a MAC ACL identified by

<name>

from the interface in a

given direction.

Format

no mac access-list <name> in

Modes

Global Config
Interface Config

4.7.5

show mac access-lists

This command displays a MAC access list and all of the rules that are defined for the
MAC ACL. Use the

[name]

parameter to identify a specific MAC ACL to display.

Advertising
Popular Brands
Popular manuals