Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsFN IO Module

181

182

183

184

185

186

187

188

189

190

Usage Information

The number of entries allowed per ACL is hardware-dependent. For detailed specications on entries allowed per

ACL, refer to your line card documentation.

Example

Dell(conf)#mac-access-list access-list extended TestMATExt

Dell(config-ext-macl)#remark 5 IPv4

Dell(config-ext-macl)#seq 10 permit any any ev2 eq 800 count bytes

Dell(config-ext-macl)#remark 15 ARP

Dell(config-ext-macl)#seq 20 permit any any ev2 eq 806 count bytes

Dell(config-ext-macl)#remark 25 IPv6

Dell(config-ext-macl)#seq 30 permit any any ev2 eq 86dd count bytes

Dell(config-ext-macl)#seq 40 permit any any count bytes

Dell(config-ext-macl)#exit

Dell(conf)#do show mac accounting access-list snickers interface g0/47 in

Extended mac access-list snickers on TenGigabitEthernet 0/12

seq 10 permit any any ev2 eq 800 count bytes (559851886 packets

191402152148bytes)seq 20 permit any any ev2 eq 806 count bytes

(74481486 packets 5031686754bytes)seq 30 permit any any ev2 eq 86dd count

bytes (7751519 packets 797843521 bytes)

Related Commands

mac access-list standard — congures a standard MAC access list.

show mac accounting access-list — displays MAC access list congurations and counters (if congured).

permit

To forward packets from a specic source MAC address, congure a lter.

Syntax

permit {any | mac-source-address [mac-source-address-mask]} [count [byte]] |

log [interval minutes] [threshold-in-msgs[count] [monitor]

To remove this lter, you have two choices:

• Use the no seq sequence-number command if you know the lter’s sequence number.

•

Use the no permit {any | mac-source-address mac-source-address-mask} command.

Parameters

any Enter the keyword any to forward all packets received with a MAC address.

mac-source-

address

Enter a MAC address in nn:nn:nn:nn:nn:nn format.

mac-source-

address-mask

(OPTIONAL) Specify which bits in the MAC address must match. If no mask is specied,

a mask of 00:00:00:00:00:00 is applied (in other words, the lter allows only MAC

addresses that match).

count (OPTIONAL) Enter the keyword count to count packets processed by the lter.

byte (OPTIONAL) Enter the keyword byte to count bytes processed by the lter.

log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages.

threshold-in msgs

count

(OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate

the maximum number of ACL logs that can be generated, exceeding which the generation

of ACL logs is terminated with the seq, permit, or deny commands. The threshold

range is from 1 to 100.

interval minutes (OPTIONAL) Enter the keyword interval followed by the time period in minutes at

which ACL logs must be generated. The interval range is from 1 to 10 minutes.

Access Control Lists (ACL) 185