Reference Guide
Version Description
7.5.1.0 Introduced on the C-Series.
6.1.1.0 Introduced on the E-Series.
Usage Information You can assign one ACL (standard or extended) to an interface.
If you apply a MAC ACL on a VLAN:
• None of the VLAN members can have another ACL applied which has an entry
for the VLAN.
• The VLAN cannot belong to an ACL VLAN group.
If you apply a MAC ACL on a physical or port-channel interface, a VLAN to which
the port is associated cannot have another ACL applied.
If you apply a MAC ACL on an ACL VLAN group, none of the VLANs in the group
can have another ACL applied.
Related
Commands
mac access-list standard — configures a standard MAC ACL.
mac access-list extended — configures an extended MAC ACL.
show mac access-lists
Display all of the Layer 2 ACLs configured in the system, whether or not they are applied to an interface,
and the count of matches/mismatches against each ACL entry displayed.
C9000 Series
Syntax
show mac access-lists [acl_name word | interface } {in | out |
interface}
Parameters
access-list Displays information on all L2 access-lists configured.
acl_name word Enter the acl_name word , up to 140 characters, for
specified access-list.
interface interface Enter the keyword interface then the one of the
following keywords and slot/port or number information:
• For a Port Channel interface, enter the keyword port-
channel
and then enter a number. The C-Series and S-
Series range is from 1 to 128.
• For a 10-Gigabit Ethernet interface, enter the keyword
TenGigabitEthernet and then enter the slot/port
information.
• For a 40-Gigabit Ethernet interface, enter the keyword
fortyGigE and then enter the slot/port information.
• For a VLAN interface, enter the keyword VLAN followed
by the vlan id.
Access Control Lists (ACL)
309