CLI Reference Guide

ManualsBrandsDell ManualsserversDell Dell Networking N2000 Series

261

262

263

264

265

266

267

268

269

270

266 ACL Commands

The rate-limit command is not supported for ACLs configured in egress (out)

IPv4 access-groups.

Any – is equivalent to 0.0.0.0 255.255.255.255 for IPv4 access lists

Host – indicates specified address with mask equal to 255.255.255.255 and

address 0.0.0.0 for IPv4.

The command accepts the optional time-range parameter. The time-range

parameter allows imposing a time limitation on the IP ACL rule as defined by

the parameter

time-range-name

. If a time range with the specified name does

not exist, and the IP ACL containing this ACL rule is applied to an interface

or bound to a VLAN, then the ACL rule is applied immediately. If a time

range with the specified name exists, and the IP ACL containing this ACL

rule is applied to an interface or bound to a VLAN, then the ACL rule is

applied when the time-range with a specified name becomes active. The ACL

rule is removed when the time-range with a specified name becomes inactive.

The no form of this command is not supported, as the rules within an ACL

cannot be deleted individually. Rather the entire ACL must be deleted and

respecified.

Example

console(config-ip-acl)#deny ip any any precedence 3

deny | permit (Mac-Access-List-Configuration)

Use the deny command in Mac-Access-List Configuration mode to deny

traffic if the conditions defined in the deny statement are matched. Use the

permit command in Mac-Access-List Configuration mode to allow traffic if

the conditions defined in the permit statement are matched.

Use this command in Mac-Access-List Configuration mode to create a new

rule for the current MAC access list. Each rule is appended to the list of

configured rules for the list.

The command is enhanced to accept the optional time-range parameter. The

time-range parameter allows imposing a time limitation on the MAC ACL

rule as defined by the parameter

time-range-name

. If a time range with the

specified name does not exist, and the MAC ACL containing this ACL rule is

applied to an interface or bound to a VLAN, then the ACL rule is applied

immediately. If a time range with the specified name exists, and the MAC

ACL containing this ACL rule is applied to an interface or bound to a VLAN,

2CSNXXX_SWUM200.book Page 266 Tuesday, December 10, 2013 1:22 PM