Mask (mac acl), Mask (mac acl) -21, Mac acl – SMC Networks SMC TigerAccess SMC7824M/FSW User Manual

MAC ACL

S

23-21

mask (MAC ACL)

This command defines a mask for MAC ACLs. This mask defines the
fields to check in the packet header. Use the no form to remove a mask.

Syntax

[no] mask [pktformat]

{any | host | source-bitmask} {any | host | destination-bitmask}
[vid [vid-bitmask]] [ethertype [ethertype-bitmask]]

• pktformat – Check the packet format field. (If this keyword must

be used in the mask, the packet format must be specified in ACL rule
to match.)

• any – Any address will be matched.
• host – The address must be for a single node.
• source-bitmask – Source address of rule must match this bitmask.
• destination-bitmask – Destination address of rule must match this

bitmask.

• vid – Check the VLAN ID field.
• vid-bitmask – VLAN ID of rule must match this bitmask.
• ethertype – Check the Ethernet type field.
• ethertype-bitmask – Ethernet type of rule must match this bitmask.

Default Setting

None

Command Mode

MAC Mask

Command Usage

• Up to seven masks can be assigned to an ingress or egress ACL.
• Packets crossing a port are checked against all the rules in the ACL

until a match is found. The order in which these packets are checked
is determined by the mask, and not the order in which the ACL rules
were entered.

• First create the required ACLs and inbound or outbound masks before

mapping an ACL to an interface.