Service Manual
Usage Information You can assign one ACL (standard or extended ACL) to an interface.
NOTE: This command supports Loopback interfaces EE3 and EF series route processor modules
(RPMs). This command does not support Loopback interfaces ED series RPMs and S-Series
Loopback interfaces.
NOTE: If you apply outbound(egress) IP acl on a switch port, the lter applies only for routed
trac egressing out of that port.
To associate an access-list to a non-default VRF, use the vrf attribute of this command. You can use this
command at the interface context (physical/LAG) to apply the access-list to a range of VRFs.
The VRF MODE is not available for the default and management VRFs.
Related Commands
ip access-list standard — congures a standard ACL.
ip access-list extended — congures an extended ACL.
ip control-plane
egress-lter
Enable egress Layer 3 ACL lookup for IPv4 CPU trac.
Syntax
ip control-plane egress-filter
Defaults Not enabled.
Command Modes EXEC Privilege
Command History
Version Description
9.7(0.0) Introduced on the S6000–ON.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.11.1 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
show ip accounting access-list
Display the IP access-lists created on the switch and the sequence of lters.
Syntax
show ip accounting {access-list access-list-name | cam_count} interface
interface [vrf vrf-name]
Parameters
access-list-name Enter the name of the ACL to be displayed.
cam_count List the count of the CAM rules for this ACL.
interface interface Enter the keyword interface then the one of the following keywords and slot/
port[/subport] or number information:
• For a 10-Gigabit Ethernet interface, enter the keyword
TenGigabitEthernet then the slot/port/subport information.
•
For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE then the
slot/port information.
Access Control Lists (ACL)
163