Mac access-group – Dell POWEREDGE M1000E User Manual

Page 325

Advertising
background image

2-295

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference

OL-13271-03

Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands

mac access-group

mac access-group

Use the mac access-group interface configuration command on the switch stack or on a standalone
switch to apply a MAC access control list (ACL) to a Layer 2 interface. Use the no form of this command
to remove all MAC ACLs or the specified MAC ACL from the interface. You create the MAC ACL by
using the mac access-list extended global configuration command.

mac access-group {name} in

no mac access-group {name}

Syntax Description

Defaults

No MAC ACL is applied to the interface.

Command Modes

Interface configuration (Layer 2 interfaces only)

Command History

Usage Guidelines

You can apply MAC ACLs only to ingress Layer 2 interfaces. You cannot apply MAC ACLs to Layer 3
interfaces.

On Layer 2 interfaces, you can filter IP traffic by using IP access lists and non-IP traffic by using MAC
access lists. You can filter both IP and non-IP traffic on the same Layer 2 interface by applying both an
IP ACL and a MAC ACL to the interface. You can apply no more than one IP access list and one MAC
access list to the same Layer 2 interface.

If a MAC ACL is already configured on a Layer 2 interface and you apply a new MAC ACL to the
interface, the new ACL replaces the previously configured one.

If you apply an ACL to a Layer 2 interface on a switch, and the switch has an input Layer 3 ACL or a
VLAN map applied to a VLAN that the interface is a member of, the ACL applied to the Layer 2
interface takes precedence.

When an inbound packet is received on an interface with a MAC ACL applied, the switch checks the
match conditions in the ACL. If the conditions are matched, the switch forwards or drops the packet,
according to the ACL.

If the specified ACL does not exist, the switch forwards all packets.

For more information about configuring MAC extended ACLs, see the “Configuring Network Security
with ACLs” chapter in the software configuration guide for this release.

name

Specify a named MAC access list.

in

Specify that the ACL is applied in the ingress direction. Outbound ACLs are not
supported on Layer 2 interfaces.

Release

Modification

12.2(40)EX1

This command was introduced.

Advertising
Popular Brands
Popular manuals