Manualshelf

Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T
241242243244245246247248249250
Access Control Lists (ACL) | 249
Example
FTOS(conf)#mac-access-list access-list extended TestMATExt
FTOS(config-ext-macl)#remark 5 IPv4
FTOS(config-ext-macl)#seq 10 permit any any ev2 eq 800 count bytes
FTOS(config-ext-macl)#remark 15 ARP
FTOS(config-ext-macl)#seq 20 permit any any ev2 eq 806 count bytes
FTOS(config-ext-macl)#remark 25 IPv6
FTOS(config-ext-macl)#seq 30 permit any any ev2 eq 86dd count bytes
FTOS(config-ext-macl)#seq 40 permit any any count bytes
FTOS(config-ext-macl)#exit
FTOS(conf)#do show mac accounting access-list snickers interface g0/47 in
Extended mac access-list snickers on GigabitEthernet 0/47
seq 10 permit any any ev2 eq 800 count bytes (559851886 packets 191402152148 bytes)
seq 20 permit any any ev2 eq 806 count bytes (74481486 packets 5031686754 bytes)
seq 30 permit any any ev2 eq 86dd count bytes (7751519 packets 797843521 bytes)
Related
Commands
permit
c e s
Configure a filter to pass packets matching the criteria specified.
Syntax
permit {any | host mac-address | mac-source-address mac-source-address-mask} {any |
host mac-address | mac-destination-address mac-destination-address-mask} [ethertype
operator
] [count [byte]] | [log] [monitor]
To remove this filter, you have two choices:
Use the
no seq sequence-number command syntax if you know the filters
sequence number or
Use the
no permit {any | host mac-address | mac-source-address
mac-source-address-mask} {any | mac-destination-address
mac-destination-address-mask
} command.
Parameters
mac access-list standard Configure a standard MAC access list.
show mac accounting access-list Display MAC access list configurations and counters (if
configured).
any Enter the keyword any to forward all packets.
host
Enter the keyword host followed by a MAC address to
forward packets with that host address.
mac-source-address
Enter the source MAC address in nn:nn:nn:nn:nn:nn
format.
mac-source-address-mask
Specify which bits in the MAC address must be
matched.
The MAC ACL supports an inverse mask, therefore, a
mask of ff:ff:ff:ff:ff:ff allows entries that do not match
and a mask of 00:00:00:00:00:00 only allows entries that
match exactly.
mac-destination-address
Enter the destination MAC address and mask in
nn:nn:nn:nn:nn:nn format.