Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

53-1003098-01


Usage Guidelines:

The permit command in the MAC ACL allows traffic based on layer 2 (data-link layer) information. A
MAC access list permits traffic from a source MAC address or any MAC address. It also has an
option to allow traffic from a list of MAC addresses (based on the source mask).

The MAC access list can be configured to allow traffic based on VLAN information, or Ethernet type.
Common types include:

ARP

WISP

IP

802.1q

<DEST-MAC>
<DEST-MAC-MASK>

Configures the destination MAC address and mask to match

<DEST-MAC> – Specify the destination MAC address to match.

<DEST-MAC-MASK> – Specify the destination MAC address mask to match.

Packets addressed to the specified MAC addresses are forwarded.

DEST-MAC-MASK

Specifies the destination MAC address mask to match

any

Identifies all devices as the destination to permit access. Packets addressed to any destination are forwarded.

host
<DEST-HOST-MAC>

Identifies a specific host as the destination to permit access

<DEST-HOST-MAC> – Specify the destination host’s exact MAC address to match. Packets addressed to
the specified host are forwarded.

dot1p <0-7>

Configures the 802.1p priority value. Sets the service classes for traffic handling

<0-7> – Specify 802.1p priority from 0 - 7.

type [8021q|<1-65535>|aarp|appletalk|arp|ip|ipv6|ipx|mint|rarp|wisp]

Configures the EtherType value
An EtherType is a two-octet field in an Ethernet frame that indicates the protocol encapsulated in the payload
of the frame. The EtherType values are:

8021q – Indicates an 802.1q payload (0x8100)

<1-65535> – Indicates the EtherType protocol number

aarp – Indicates the AppleTalk Address Resolution Protocol (AARP) payload (0x80F3)

appletalk – Indicates the AppleTalk Protocol payload (0x809B)

arp – Indicates the ARP payload (0x0806)

ip – Indicates the Internet Protocol, Version 4 (IPv4) payload (0x0800)

ipv6 – Indicates the Internet Protocol, Version 6 (IPv6) payload (0x86DD)

ipx – Indicates Novell's IPX payload (0x8137)

mint – Indicates the MiNT protocol payload (0x8783)

rarp – Indicates the Reverse Address Resolution Protocol (RARP) payload (0x8035)

wisp – Indicates the Wireless Internet Service Provider (WISP) payload (0x8783)

vlan <1-4095>

Configures the VLAN ID

<1-4095> – Specify the VLAN ID from 1 - 4095.

log

Logs all permit events matching this entry. If a source and/or destination MAC address is matched (i.e. a packet is sent from a specified MAC address or is destined for a specified MAC address), an event is logged.

rule-precedence <1-5000> rule-description <LINE>

The following keywords are recursive and common to all of the above parameters:

rule-precedence – Assigns a precedence for this permit rule

<1-5000> – Specify a value from 1 - 5000.

The lower the precedence value, the higher the priority. A rule with precedence 3 gets priority over a rule with precedence 10.

rule-description – Optional. Configures a description for this permit rule. Provide a description that uniquely identifies the purpose of this rule (should not exceed 128 characters in length).
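
Added example (not from the Brocade guide): a small Python model of how the permit parameters above select a frame, useful for checking which rule would handle and log a given frame before an ACL is deployed. It assumes mask bits set to 1 are compared, that an omitted type or vlan matches anything, and that rules are evaluated in ascending rule-precedence order; PermitRule, first_match, host and the sample addresses are hypothetical names and constructed values.

```python
from dataclasses import dataclass
from typing import Optional, Union

# Keyword -> EtherType, copied from the table above (mint and wisp share 0x8783).
ETHERTYPES = {"8021q": 0x8100, "aarp": 0x80F3, "appletalk": 0x809B,
              "arp": 0x0806, "ip": 0x0800, "ipv6": 0x86DD, "ipx": 0x8137,
              "mint": 0x8783, "rarp": 0x8035, "wisp": 0x8783}
ANY = ("00-00-00-00-00-00", "00-00-00-00-00-00")  # all-zero mask models 'any'

def mac(text: str) -> int:
    """Parse AA-BB-CC-DD-EE-FF (or colon-separated) into a 48-bit integer."""
    return int(text.replace("-", "").replace(":", ""), 16)

def host(addr: str) -> tuple:
    """'host <MAC>' is an exact match, modelled as an all-ones mask."""
    return (addr, "FF-FF-FF-FF-FF-FF")

@dataclass
class PermitRule:
    precedence: int                               # rule-precedence <1-5000>
    src: tuple = ANY                              # (MAC, MASK), assumed semantics
    dst: tuple = ANY                              # (MAC, MASK), assumed semantics
    ethertype: Union[str, int, None] = None       # type keyword or <1-65535>
    vlan: Optional[int] = None                    # vlan <1-4095>

    def matches(self, frame: dict) -> bool:
        for key, (addr, mask) in (("src", self.src), ("dst", self.dst)):
            if (mac(frame[key]) ^ mac(addr)) & mac(mask):
                return False                      # a masked-in bit differs
        want = ETHERTYPES.get(self.ethertype, self.ethertype)
        if want is not None and frame["ethertype"] != want:
            return False
        return self.vlan is None or frame["vlan"] == self.vlan

def first_match(rules: list, frame: dict) -> Optional[int]:
    """Precedence of the rule that handles the frame, or None if none matches."""
    for rule in sorted(rules, key=lambda r: r.precedence):  # lowest value first
        if rule.matches(frame):
            return rule.precedence
    return None

# Constructed sample rules (not from the guide), listed out of order on purpose.
ACL = [
    PermitRule(10, dst=host("00-11-22-33-44-55"), ethertype="ip", vlan=20),
    PermitRule(3, src=("00-A0-F8-00-00-00", "FF-FF-FF-00-00-00"), ethertype="arp"),
    PermitRule(50, ethertype="mint"),
]
```

With these sample rules, a frame carrying EtherType 0x8783 is handled by the type mint rule whether it is MiNT or WISP traffic, because the table assigns both keywords the same value.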
