
Deleting a numbered Layer-2 ACL entry – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual


53-1003035-02

Creating a numbered Layer-2 ACL table


Deleting a numbered Layer-2 ACL entry

You can delete an ACL filter rule with or without providing its sequence number. To delete a rule
without a sequence number, you must specify the filter rule attributes. To delete a rule by
sequence number, you can provide the sequence number alone or the sequence number together
with the other filter rule attributes.

To delete a filter rule with the sequence number “23” from Layer-2 access list “401” by specifying
the sequence number alone, enter the following command.

Brocade(config)# no access-list 401 sequence 23

You can also delete this entry by specifying both the entry sequence number and filter rule
attributes. For example:

Brocade(config)# no access-list 401 sequence 23 permit 0000.1111.1121 ffff.ffff.ffff any 23 etype any

Alternatively, you can delete this rule by providing the filter rule attributes only. For example:

Brocade(config)# no access-list 401 permit 0000.1111.1121 ffff.ffff.ffff any 23 etype any

NOTE

If you try to delete an ACL filter rule using the sequence number, but the sequence number that you
specify does not exist, the following error message will be displayed.

"Error: Entry with sequence 20 does not exist!"

Syntax: [no] access-list num [sequence num] permit | deny {src-mac mask | any} {dest-mac mask | any} [{vlan-id | any}] [etype etype-str] [priority 802.1p-value | priority-force 802.1p-value | priority-mapping 802.1p-value | mark-flow-id | dscp-marking number]

Syntax: access-list num regenerate-seq-num [num]

The num parameter specifies the Layer-2 ACL table that the clause belongs to. The table ID can
range from 400 to 1399. You can define a total of 1000 Layer-2 ACL tables.

NOTE

If users configure the maximum L2 ACL of 1399, the other ACL types, such as IP and IPv6 ACLs,
will have limited space. This may affect memory usage in CES or CER and MLX or XMR.

Parameters to configure numbered Layer-2 ACL statements

The sequence parameter specifies where the conditional statement is to be added in the access
list. You can add a conditional statement at a particular place in an access list by specifying the
entry number using the sequence keyword. The range is from 1 through 214748364. If the sequence
num option is not specified, a default sequence number is applied to the clause. The default value
is 10 plus the sequence number of the last ACL filter rule provisioned in the ACL table. The default
value for the first clause in a Layer-2 ACL table is “10”.
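
The three deletion forms and the default sequence numbering described on this page can be modeled as follows. This is an added example, not Brocade code: the L2Acls class and the two placeholder error strings are hypothetical, and it assumes that "last" means the highest sequence number in the table and that a delete giving both a sequence number and attributes is rejected when the attributes do not match.

```python
import re

SEQ_MIN, SEQ_MAX = 1, 214748364      # sequence range stated in the guide
TABLE_MIN, TABLE_MAX = 400, 1399     # Layer-2 ACL table ID range
INVALID = "invalid command"          # placeholder text, not device output
NO_MATCH = "no matching entry"       # placeholder text, not device output

# Covers only the forms discussed here; regenerate-seq-num is not modeled.
CMD = re.compile(r"^(?P<no>no )?access-list (?P<table>\d+)"
                 r"(?: sequence (?P<seq>\d+))?(?: (?P<rule>(?:permit|deny) .+))?$")

class L2Acls:
    """Toy model: table ID -> {sequence number -> filter rule text}."""
    def __init__(self):
        self.tables = {}

    def apply(self, line):
        """Return the affected sequence number, or an error string."""
        m = CMD.match(" ".join(line.split()))
        if not m or not TABLE_MIN <= int(m["table"]) <= TABLE_MAX:
            return INVALID
        seq = int(m["seq"]) if m["seq"] else None
        rule, rules = m["rule"], self.tables.setdefault(int(m["table"]), {})
        if m["no"]:
            return self._delete(rules, seq, rule)
        if seq is None:
            # First clause gets 10; later ones get 10 + the last sequence number.
            # Assumption: "last" means the highest sequence number in the table.
            seq = max(rules, default=0) + 10
        if rule is None or not SEQ_MIN <= seq <= SEQ_MAX:
            return INVALID
        rules[seq] = rule
        return seq

    def _delete(self, rules, seq, rule):
        if seq is None and rule is None:
            return INVALID               # whole-table removal is not modeled
        if seq is None:                  # delete by filter rule attributes only
            seq = next((s for s in sorted(rules) if rules[s] == rule), None)
            if seq is None:
                return NO_MATCH
        elif seq not in rules:
            return f"Error: Entry with sequence {seq} does not exist!"
        elif rule is not None and rules[seq] != rule:
            return NO_MATCH              # assumption: attributes must match
        del rules[seq]
        return seq
```

Replaying a planned change through the model before entering it on the device shows which sequence number each command will add or remove, which matters because rule order decides which filter matches first.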

The permit | deny argument determines the action to be taken when a match occurs.