Mellanox MLNX-OS User Manual for SX1018HP Ethernet Managed Blade Switch

ManualsBrandsHP ManualsComputer AccessoriesMellanox SX1018HP Ethernet Switch for c-Class BladeSystem

511

512

513

514

515

516

517

518

519

520

Rev 2.10

Mellanox Technologies

517

Mellanox Technologies Confidential

deny/permit (MAC ACL rule)

[seq-number <sequence-number>] {deny|permit } {any | <source-mac> [mask

<mac>]} {any |<destination-mac> [mask <mac>]} [protocol <protocol>] [cos

<cos-value>] [vlan <vlan-id>] [action <action-id>]

no <sequence-number>

Creates a rule for MAC ACL.

The no form of the command deletes a rule from the MAC ACL.

Syntax Description sequence-number Optional parameter to set a specific sequence number

for the rule. The range is:1-500.

deny | permit Determines the type of the rule, denies or permits

action.

{any | <source-mac>

[mask <mac>]}

Sets source MAC and optionally sets a mask for that

MAC. The “any” option will cause the rule not to check

the source MAC.

{any | <destination-mac>

[mask <mac>]}

Sets destination MAC and optionally sets a mask for

that MAC. The “any” option will cause the rule not to

check the destination MAC.

protocol Sets the Ethertype filed value from the MAC address.

Possible range is: 0x0000-0xffff.

cos-value Sets the COS (priority bits) field, possible range is: 0-7.

vlan-id Sets the VLAN ID field, possible range is 0-4095.

Default No rule is added by default to access control list.

Default sequence number is in multiple of 10.

Configuration Mode Config MAC ACL

History 3.1.1400

Role admin

Example

switch (config mac access-list my-list) # seq-number 10 deny

0a:0a:0a:0a:0a:0a mask ff:ff:ff:ff:ff:ff any vlan 6 cos 2 protocol 80

switch (config mac access-list my-list) #

Related Commands ipv4/mac access-list

ipv4/mac port access-group

Note