Administrator Guide
ip access-group
Assign an IP access list (IP ACL) to an interface.
Syntax
ip access-group access-list-name {in | out} [implicit-permit] [vlan vlan-id]
[vrf vrf-name]
To delete an IP access-group conguration, use the no ip access-group access-list-name {in |
out} [implicit-permit] [vlan vlan-id][layer3] [vrf vrf-name] command.
Parameters
access-list-name Enter the name of a congured access list, up to 140 characters.
in Enter the keyword in to apply the ACL to incoming trac.
out Enter the keyword out to apply the ACL to outgoing trac.
implicit-permit (OPTIONAL) Enter the keyword implicit-permit to change the default action of the
ACL from implicit-deny to implicit-permit (that is, if the trac does not match the lters
in the ACL, the trac is permitted instead of dropped).
vlan vlan-id (OPTIONAL) Enter the keyword vlan then the ID numbers of the VLANs. The range is
from 1 to 4094 (you can use IDs from 1 to 4094).
vrf vrf-name (OPTIONAL) Enter the keyword vrf then the ID numbers of the VRFs. The range is from
1 to 63 (you can use IDs from 1 to 63).
NOTE: When you specify a single VRF, use the name of the VRF instead of
the VRF ID number. Use the VRF ID numbers only when you specify a range
of VRFs.
layer3 (OPTIONAL) Enter the keyword layer3 to enable layer 3 mode. It ensures that all the
ACL rules in the access-group are applied only for L3 router packets.
Defaults Not enabled.
Command Modes INTERFACE/VRF MODE
Command History
This guide is platform-specic. For command information about other platforms, see the relevant Dell Networking
OS Command Line Reference Guide.
Version Description
9.8(1.0) Introduced on the Z9100–ON.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000–ON.
9.2(1.0) Introduced on the Z9500.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.11.1 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
188 Access Control Lists (ACL)