Access-list mac mask-precedence – Alcatel Carrier Internetworking Solutions OmniStack 6300-24 User Manual

Access Control List Commands

4-101

4

Command Mode

Privileged Exec

Example

Related Commands

permit, deny 4-99
mac access-group (4-104)

access-list mac mask-precedence

This command changes to MAC Mask mode used to configure access control
masks. Use the no form to delete the mask table.

Syntax

[no] access-list ip mask-precedence {in | out}

• in – Ingress mask for ingress ACLs.
• out – Egress mask for egress ACLs.

Default Setting

Default system mask: Filter inbound packets according to specified MAC ACLs.

Command Mode

Global Configuration

Command Usage

• You must configure a mask for an ACL rule before you can bind it to a port or

set the queue or frame priorities associated with the rule.

• A mask can only be used by all ingress ACLs or all egress ACLs.
• The precedence of the ACL rules applied to a packet is not determined by

order of the rules, but instead by the order of the masks; i.e., the first mask
that matches a rule will determine the rule that is applied to a packet.

Example

Related Commands

mask (MAC ACL) (4-102)
mac access-group (4-104)

Console#show mac access-list
MAC access-list jerry:
permit any 00-e0-29-94-34-de ethertype 0800
Console#

Console(config)#access-list mac mask-precedence in
Console(config-mac-mask-acl)#