beautypg.com

1 mac access-list extended, 2 mac access-list extended rename, 3 {deny | permit – Kontron AT8904 CLI User Manual

Page 192: Mac access-list extended - 24, Mac access-list extended rename - 24, Deny | permit} - 24, Quality of service (qos) commands at8904m

background image

Quality of Service (QoS) Commands

AT8904M

AT8904M CLI Reference Manual

Page 4 - 24

4.7.1

mac access-list extended

This command creates a MAC Access Control List (ACL) identified by

,

consisting of classification fields defined for the Layer 2 header of an Ethernet frame.
The

parameter is a case-sensitive alphanumeric string from 1 to 31 characters

uniquely identifying the MAC access list.

If a MAC ACL by this name already exists, this command enters Mac-Access-List
config mode to allow updating the existing MAC ACL.

NOTE: The CLI mode changes to Mac-Access-List Config mode when you

successfully execute this command.

Format

mac access-list extended

Mode

Global Config

4.7.1.1

no mac access-list extended

This command deletes a MAC ACL identified by

from the system.

Format

no mac access-list extended

Mode

Global Config

4.7.2

mac access-list extended rename

This command changes the name of a MAC Access Control List (ACL). The

parameter is the name of an existing MAC ACL. The

parameter is a case-

sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC
access list.

This command fails if a MAC ACL by the name

already exists.

Format

mac access-list extended rename

Mode

Global Config

4.7.3

{deny | permit}

This command creates a new rule for the current MAC access list. Each rule is
appended to the list of configured rules for the list.

NOTE: The 'no' form of this command is not supported, since the rules within

a MAC ACL cannot be deleted individually. Rather, the entire MAC
ACL must be deleted and re-specified.

NOTE: An implicit 'deny all' MAC rule always terminates the access list.

NOTE: For BCM5630x and BCM5650x based systems, assign-queue, redi-

rect, and mirror attributes are configurable for a deny rule, but they
have no operational effect.

A rule may either deny or permit traffic according to the specified classification fields.
At a minimum, the source and destination MAC value must be specified, each of which
may be substituted using the keyword any to indicate a match on any value in that
field. The remaining command parameters are all optional, but the most frequently
used parameters appear in the same relative order as shown in the command format.

See also other documents in the category Kontron Hardware: