Operation Manual
VLAN Commands
Mobility System Software Command Reference Guide
Version 7.3
6 – 80
See Also
● show roaming station on page 6-78
● show vlan config on page 6-81
show security l2-restrict
Displays configuration information and statistics for Layer 2 forwarding restriction.
Syntax
show security l2-restrict [vlan vlan-id | all]
Defaults
If you do not specify a VLAN name or all, information is displayed for all VLANs.
Access
Enabled.
History
Introduced in MSS Version 4.1.
Examples
The following command shows Layer 2 forwarding restriction information for all
VLANs:
MX# show security l2-restrict
VLAN Name En Drops Permit MAC Hits
---- ---------------- -- ---------- ------------------- ----------
1 default Y 0 00:0b:0e:02:53:3e 5947
00:30:b6:3e:5c:a8 9
2 vlan-2 Y 0 04:04:04:04:04:04 0
Table 6– 15 describes the fields in the display.
Table 6– 14. Output for show roaming vlan
Field Description
VLAN VLAN name.
MX System IP address of the MX on which the VLAN is configured.
Affinity Preference of this MX for forwarding user traffic for the VLAN. A higher
number indicates a greater preference.
vlan-id VLAN name or number.
all Displays information for all VLANs.
Table 6– 15. Output for show security l2-restrict
Field Description
VLAN VLAN number.
Name VLAN name.
En Enabled state of the feature for the VLAN:
❑ Y—Enabled. Forwarding of Layer 2 traffic from clients is restricted to the MAC
address(es) listed under Permit MAC.
❑ N—Disabled. Layer 2 forwarding is not restricted.
Drops Number of packets dropped because the destination MAC address is not one of the
addresses listed under Permit MAC.
Permit MAC MAC addresses that clients in the VLAN are allowed to send traffic at Layer 2.
Hits Number of packets with the source MAC address of a client in this VLAN, and the
destination MAC address was one of those listed under Permit MAC.