Brocade Communications Systems RFS6000 User Manual
Page 502
500
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
53-1001931-01
MAC Extended ACL config commands
16
Parameters
Usage Guidelines
When creating a Port ACL, the controller (by default) does not permit an ethertype WISP. Create a
rule to allow WISP to adopt access points. Use the following command to adopt access points:
permit any any type wisp
NOTE
Use the following command to attach a MAC access list to a port on a layer 2 interface:
mac access-group
The permit command in the MAC ACL disallows traffic based on layer 2 (data-link layer)
information. A MAC access list permits traffic from a source MAC address or any MAC address. It
also has an option to allow traffic from a list of MAC addresses (based on the source mask).
The MAC access list can be configured to allow traffic based on VLAN information, ethernet type.
Common types include:
•
arp
•
wisp
•
ip
•
802.1q
permit [
Specifies the bits to match. The source wildcard can be
any one of the following:
•
xx:xx:xx:xx:xx:xx/xx:xx:xx:xx:xx:xx
Source MAC address and mask
•
any – Uses any source host
•
host – Defines the MAC address to match
permit [
{
Bit mask specifying the bits to match. The destination
wildcard can be one of the following:
•
xx:xx:xx:xx:xx:xx/xx:xx:xx:xx:xx:xx
Destination MAC address and mask
•
any – Uses any available destination host
•
host – Defines the destination MAC address
dot1p<0-7>
Establishes the 802.1p priority
rule-precedence<1-5000>
Defines an access list entry precedence
type(8021q|<1-65535>|aarp|arp|a
ppletalk|ip|ipv6|ipx|rarp|vlan|wisp)
Sets an ethertype
•
8021q –VLAN Ether type (0*8100)
•
<1-65535> – Ether protocol number
•
aarp – AARP Ether Type ( 0*80F3)
•
appletalk – APPLETALK Ether Type
(0*809B)
•
arp – ARP Ether Type (0*0806)
•
ip – IP Ether Type (0*0800)
•
ipv6 – IPv6 Ether Type (0*86DD)
•
ipx – IPX Ether Type (0*8137)
•
rarp – RARP Ether Type (0*8035)
•
wisp – WISP Ether Type (0*8783)
vlan<1-4095>
Sets the VLAN ID