7 mac access control list (acl) commands, 1 mac access-list extended, 2 mac access-list extended rename – Kontron AT890X Full-Size CLI User Manual

Quality of Service (QoS) Commands

AT8901/2/3

AT8901/2/3 CLI Reference Manual

Page 4 - 24

4.7

MAC Access Control List (ACL) Commands

This section describes the commands you use to configure MAC ACL settings. MAC
ACLs ensure that only authorized users have access to specific resources and block any
unwarranted attempts to reach network resources.

The following rules apply+-to MAC ACLs:

•

The maximum number of ACLs you create is 100, regardless of type.

•

The system supports only Ethernet II frame types.

•

The maximum number of rules per MAC ACL is hardware dependent.

•

For the Broadcom 5630x platform, if you configure an IP ACL on an interface, you
cannot configure a MAC ACL on the same interface.

4.7.1

mac access-list extended

This command creates a MAC Access Control List (ACL) identified by

,

consisting of classification fields defined for the Layer 2 header of an Ethernet frame.
The

parameter is a case-sensitive alphanumeric string from 1 to 31 characters

uniquely identifying the MAC access list.

If a MAC ACL by this name already exists, this command enters Mac-Access-List
config mode to allow updating the existing MAC ACL.

NOTE: The CLI mode changes to Mac-Access-List Config mode when you

successfully execute this command.

Format

mac access-list extended

Mode

Global Config

4.7.1.1

no mac access-list extended

This command deletes a MAC ACL identified by

from the system.

Format

no mac access-list extended

Mode

Global Config

4.7.2

mac access-list extended rename

This command changes the name of a MAC Access Control List (ACL). The

parameter is the name of an existing MAC ACL. The

parameter is a case-

sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC
access list.

This command fails if a MAC ACL by the name

already exists.

Format

mac access-list extended rename

Mode

Global Config