beautypg.com

Creating an extended mac acl and adding rules – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

Page 439

background image

Network OS NETCONF Operations Guide

407

53-1003231-02

ACL configuration and management

28

6. Issue the RPC to save the running-config file to the startup-config file.

The following example creates a standard MAC ACL named test_01 and adds two rules to it:

Rule 100 drops traffic from source MAC address 0011.2222.3333 and maintains a count of
packets dropped.

Rule 1000 allows traffic from source MAC address 0022.1111.2222 and maintains a count of
packets allowed.

test_01

100

deny

0011.2222.3333

ffff.ffff.ffff

1000

permit

0022.1111.2222

ffff.ffff.ffff

Creating an extended MAC ACL and adding rules

The MAC ACL name length is limited to 64 characters. A MAC ACL does not take effect until it is
applied to a Layer 2 interface. Refer to

“Applying a MAC ACL to a DCB interface”

on page 409 and

“Applying a MAC ACL to a VLAN interface”

on page 410.

To create an extended MAC ACL and add rules, perform the following steps.

1. Issue the RPC to configure the node in the

urn:brocade.com:mgmt:brocade-mac-access-list namespace.

2. Under the node, include the / hierarchy of node elements to

create an extended ACL.