Service Manual
Version Description
7.5.1.0 Introduced on the C-Series.
6.2.1.1 Introduced on the E-Series.
Usage
Information
You can assign one ACL (standard or extended ACL) to an interface.
NOTE: This command supports Loopback interfaces EE3 and EF series route processor modules
(RPMs). This command does not support Loopback interfaces ED series RPMs and S-Series
Loopback interfaces.
NOTE: If you apply outbound(egress) IP acl on a switch port, the filter applies only for routed traffic
egressing out of that port.
To associate an access-list to a non-default VRF, use the vrf attribute of this command. You can use
this command at the interface context (physical/LAG) to apply the access-list to a range of VRFs.
The VRF MODE is not available for the default and management VRFs.
Related
Commands
ip access-list standard — configures a standard ACL.
ip access-list extended — configures an extended ACL.
ip control-plane egress-filter
Enable egress Layer 3 ACL lookup for IPv4 CPU traffic.
Syntax
ip control-plane egress-filter
Defaults Not enabled.
Command Modes EXEC Privilege
Command
History
Version Description
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000–ON.
9.2(1.0) Introduced on the Z9500.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.11.1 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
show ip accounting access-list
Display the IP access-lists created on the switch and the sequence of filters.
Syntax
show ip accounting {access-list access-list-name | cam_count} interface
interface [vrf vrf-name]
Parameters
access-list-name
Enter the name of the ACL to be displayed.
cam_count
List the count of the CAM rules for this ACL.
interface
interface
Enter the keyword interface then the one of the following keywords and slot/
port[/subport] or number information:
190 Access Control Lists (ACL)