Specifications
2-327
Catalyst 4500 Se ries S wit ch C is co IO S C om mand R efer ence —Re lease I OS XE 3 .3.0 XO(1 5.1 (1)XO)
OL_28738 -01
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
mac access-list extended
mac access-li st extended
To define the extended MAC access lists, use the mac access-list extended command. To remove the
MAC access lists, use the no form of this command.
mac access-list extended name
no mac access-list extended name
Syntax Description
Defaults MAC access lists are not defined.
Command Modes Global configura tion mode
Usage Guidelines When you enter the ACL name, follow these naming conventions:
• Maximum of 31 cha racters long and can in clude a-z, A-Z, 0-9, the dash c haracter (- ), the under score
characte r (_), and the peri od cha racter (.)
• Must start with an alpha character and must be unique across all ACLs of all types
• Case sensitive
• Cannot be a number
• Must not be a keyword; keywords to avoid are all, default-action, map, help, and editbuffer
When you enter the mac access-list extended name command, you use the foll owing subset to create or
delete entries in a MAC layer access list:
[no] {permit | deny} {{src-mac mask | any} [dest-mac mask]} [protocol-family { appletalk |
arp-non-ipv4 | decnet | ipx | ipv6 | rarp-ipv4 | rarp-non-ipv4 | vines | xns} | <arbitrary et hertype> |
name-coded ethertyp e].
Table 2-7 describes the syntax of the mac access-list extended subcommands.
name ACL to which the entry belongs.
Table 2-7 ma c access -list exte nded Su bcomman ds
Subcommand Description
any Specifies any source-host or destination-host.
arbitrary ethertype (Optional) Specifies an arbitrary ethertype in the range 1536 to 65535
(Decimal or Hexadecimal)
deny Prevents access if the conditions are matched.
dest-mac mask ( Optional) Specifies a destination MAC address of the form:
dest-mac-address dest- mac-address-ma sk.