Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

Chapter 20 Configuring ACLs
Configuring VACLs
To apply a VACL to a VLAN, perform this task:

        Command                                Purpose
Step 1  switch# configure terminal             Enters configuration mode.
Step 2  switch(config)# [no] vlan filter       Applies the VACL to the VLANs by the list that you
        map-name vlan-list list                specified. The no option unapplies the VACL.
                                               The vlan-list command can specify a list of up to 32
                                               VLANs, but multiple vlan-list commands can be
                                               configured to cover more than 32 VLANs.
Step 3  switch(config)# show running-config    (Optional) Displays ACL configuration.
Step 4  switch(config)# copy running-config    (Optional) Copies the running configuration to the
        startup-config                         startup configuration.

Verifying VACL Configuration

To display VACL configuration information, perform one of the following tasks:

Command                            Purpose
show running-config aclmgr         Displays ACL configuration, including VACL-related
                                   configuration.
show vlan filter                   Displays information about VACLs that are applied to
                                   a VLAN.
show vlan access-map               Displays information about VLAN access maps.

Displaying and Clearing VACL Statistics

To display or clear VACL statistics, perform one of the following tasks:

Command                            Purpose
show vlan access-list              Displays VACL configuration. If the VLAN
                                   access-map includes the statistics command, then the
                                   show vlan access-list command output includes the
                                   number of packets that have matched each rule.
clear vlan access-list counters    Clears statistics for all VACLs or for a specific VACL.

This example shows how to configure a VACL to forward traffic permitted by an IP ACL named
acl-ip-01 and how to apply the VACL to VLANs 50 through 82:

configure terminal
vlan access-map acl-ip-map
match ip address acl-ip-01
action forward
vlan filter acl-ip-map vlan-list 50-82
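
The following offline check is an added example, not part of the Cisco guide: it reads saved configuration text and reports which access map filters each VLAN, plus access maps that reference an undefined IP ACL, lack the statistics command, or are named by vlan filter without being defined. It assumes the indented layout of show running-config output; the sample text and the names lab-map, ghost-map and acl-missing are constructed.

```python
# Constructed sample; every name except acl-ip-01 and acl-ip-map is made up.
SAMPLE_CONFIG = """\
ip access-list acl-ip-01
  permit ip 10.0.0.0/8 any
vlan access-map acl-ip-map
  match ip address acl-ip-01
  action forward
  statistics
vlan access-map lab-map
  match ip address acl-missing
  action forward
vlan filter acl-ip-map vlan-list 50-82
vlan filter ghost-map vlan-list 90,95-96
"""

def expand_vlans(spec):
    """Expand a vlan-list string such as '50-82' or '90,95-96' into a set."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_vacls(config):
    """Return ({vlan: access-map name}, [findings]) for a configuration text."""
    acls, maps, applied, findings, current = set(), {}, {}, [], None
    for line in config.splitlines():
        words = line.split()
        if line[:1].strip():            # unindented line: back at top level
            current = None
        if words[:2] == ["ip", "access-list"] and len(words) > 2:
            acls.add(words[2])
        elif words[:2] == ["vlan", "access-map"] and len(words) > 2:
            current = maps.setdefault(words[2], {"acl": None, "stats": False})
        elif current and words[:3] == ["match", "ip", "address"] and len(words) > 3:
            current["acl"] = words[3]
        elif current and words[:1] == ["statistics"]:
            current["stats"] = True
        elif words[:2] == ["vlan", "filter"] and words[3:4] == ["vlan-list"] and len(words) > 4:
            for vlan in expand_vlans("".join(words[4:])):
                applied[vlan] = words[2]
    for name, entry in maps.items():
        if entry["acl"] not in acls:
            findings.append(f"access-map {name} matches undefined ACL {entry['acl']}")
        if not entry["stats"]:
            findings.append(f"access-map {name} has no statistics command")
    for name in sorted(set(applied.values()) - set(maps)):
        findings.append(f"vlan filter uses undefined access-map {name}")
    return applied, findings
```

Calling audit_vacls(SAMPLE_CONFIG) returns the VLAN-to-map table and the list of findings; VLANs absent from the table have no VACL applied in that text.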