IBM RackSwitch G8000 Application Manual page 89
A top-of-rack (tor) switch
Hide thumbs
Also See for RackSwitch G8000:
- Manual (18 pages) ,
- Manual (14 pages) ,
- Installation manual (86 pages)
Table of Contents
Advertisement
© Copyright IBM Corp. 2011
ACL Example 4
Use this configuration to deny all ARP packets that ingress a port.
1. Configure an Access Control List.
RS G8000(config)# access-control list 2 ethernet ethernet-type arp
RS G8000(config)# access-control list 2 action deny
2. Add ACL 2 to port EXT2.
RS G8000(config)# interface port 2
RS G8000(config-if)# access-control list 2
RS G8000(config-if)# exit
ACL Example 5
Use the following configuration to permit access to hosts with destination MAC
address that matches 11:05:00:10:00:00 FF:F5:FF:FF:FF:FF and deny access to all
other hosts.
1. Configure Access Control Lists.
RS G8000(config)# access-control list 30 ethernet
destination-mac-address 11:05:00:10:00:00 FF:F5:FF:FF:FF:FF
RS G8000(config)# access-control list 30 action permit
RS G8000(config)# access-control list 100 ethernet
destination-mac-address 00:00:00:00:00:00 00:00:00:00:00:00
RS G8000(config)# access-control list 100 action deny
2. Add ACLs to a port.
RS G8000(config)# interface port 2
RS G8000(config-if)# access-control list 30
RS G8000(config-if)# access-control list 100
RS G8000(config-if)# exit
ACL Example 6
This configuration blocks traffic from a network that is destined for a specific egress
port. All traffic that ingresses port 1 from the network 100.10.1.0/24 and is destined
for port 3 is denied.
1. Configure an Access Control List.
RS G8000(config)# access-control list 4 ipv4 source-ip-address
100.10.1.0 255.255.255.0
RS G8000(config)# access-control list 4 egress-port 3
RS G8000(config)# access-control list 4 action deny
2. Add ACL 4 to port 1.
RS G8000(config)# interface port 1
RS G8000(config-if)# access-control list 4
RS G8000(config-if)# exit
Chapter 7. Access Control Lists
87
Advertisement
Table of Contents
Troubleshooting
