Users Guide
Extended MAC ACL Commands
When an access-list is created without any rule and then applied to an interface, ACL behavior reects implicit permit. The following
commands congure Extended MAC ACLs.
The Switch supports both Ingress and Egress MAC ACLs.
mac access-list standard
To congure a standard MAC ACL, name a new or existing MAC access control list (MAC ACL) and enter MAC ACCESS LIST mode.
Syntax
mac access-list standard mac-list-name
Parameters
mac-list-name Enter a text string as the name of the standard MAC access list (140 character
maximum).
Defaults Not congured.
Command Modes CONFIGURATION
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information
The Dell operating system supports one ingress and one egress MAC ACL per interface.
The number of entries allowed per ACL is hardware-dependent. For detailed specication about entries allowed per
ACL, refer to your switch documentation.
The switch supports both ingress and egress ACLs.
Example
Dell(conf)#mac-access-list access-list standard TestMAC
Dell(config-std-macl)#permit 00:00:00:00:00:00 00:00:00:00:ff:ff count
Dell(config-std-macl)#deny any count
permit
To pass packets matching the criteria specied, congure a lter.
Syntax
permit {any | host mac-address | mac-source-address mac-source-address-mask}
{any | host mac-address | mac-destination-address mac-destination-address-mask}
[ethertype operator] [count [byte]]
To remove this lter, you have two choices:
• Use the no seq sequence-number command if you know the lter’s sequence number.
192 Access Control Lists (ACL)