beautypg.com

Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 863

background image

IPv4 Hardware Access Control List (ACL) Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

34.17

Mode

Global Configuration

Default

Any traffic on an interface controlled by a hardware ACL that does not explicitly match a
filter is permitted.

Usage

This command creates an access-list for use with hardware classification, such as when
applying QoS. The <4000-4699> range MAC hardware access-list will match on packets
that have the specified source and destination MAC addresses. You may apply the any
parameter if the source or destination MAC host address is not important.

Examples

To create an access-list that will permit packets with a MAC address of 0000.00ab.1234
and any destination address enter the commands:

To create an access-list that will permit packets with an initial MAC address component of

0000.00ab

and any destination address, enter the commands:

To create an access-list that will copy-to-mirror packets with an initial MAC address
component of 0000.00ab and any destination address for use with the

mirror interface

command, enter the commands:

To destroy the access-list with an access-list identity of 4000 enter the commands:

inner-vlan

This parameter is used within double-tagged VLANs. It
is the inner VLAN tag (VID); sometimes referred to as
the C-TAG (Customer VLAN TAG), where the vlan VID
tag is referred to as the S-TAG (Service VLAN TAG).

<1-4094>

The inner VLAN VID.

Parameter(cont.)

Description(cont.)

Note

Hardware ACLs will permit access unless explicitly denied by an ACL action.

awplus#

configure terminal

awplus(config)#

access-list 4000 permit 0000.00ab.1234
0000.0000.0000 any

awplus#

configure terminal

awplus(config)#

access-list 4001 permit 0000.00ab.1234
0000.0000.FFFF any

awplus#

configure terminal

awplus(config)#

access-list 4001 copy-to-mirror 0000.00ab.1234
0000.0000.FFFF any

awplus#

configure terminal

awplus(config)#

no access-list 4000

See also other documents in the category Allied Telesis Computer hardware: