What To Do Next; Applying Ethernet Services Access Lists - Cisco ASR 9000 Series Configuration Manuallines
L2vpn and ethernet services configuration guide
Hide thumbs
Also See for ASR 9000 Series:
- Command reference manual (1138 pages) ,
- Routing configuration manual (702 pages) ,
- Reference manual (696 pages)
Table of Contents
Advertisement
Implementing of Layer 2 Access Lists
Example:
RP/0/RSP0/CPU0:router(config)# ethernet-service access-list L2ACL2
Enters Ethernet services access list configuration mode and configures access list L2ACL2.
Step 3
[ sequence-number ] { permit | deny } { src-mac-address src-mac-mask | any | host } [ { ethertype-number } | vlan
min-vlan-ID [ max-vlan-ID ] ] [ cos cos-value ] [ dei ] [ inner-vlan min-vlan-ID [ max-vlan-ID] ] inner-cos cos-value
] [ inner-dei ]
Example:
RP/0/RSP0/CPU0:router(config-es-al)# 0 permit 1.2.3 3.2.1
or
RP/0/RSP0/CPU0:router(config-es-al)# 30 deny any dei
Specifies one or more conditions allowed or denied, which determines whether the packet is passed or dropped.
Step 4
Repeat Step 3 as necessary, adding statements by sequence number where you planned. Use the no sequence-number
command to delete an entry.
Allows you to revise an access list.
Step 5
Use the commit or end command.
commit - Saves the configuration changes and remains within the configuration session.
end - Prompts user to take one of these actions:
• Yes - Saves configuration changes and exits the configuration session.
• No - Exits the configuration session without committing the configuration changes.
• Cancel - Remains in the configuration mode, without committing the configuration changes.
What to Do Next
After creating an Ethernet services access list, you must apply it to an interface. See the
Services Access Lists
Applying Ethernet Services Access Lists
After you create an access list, you must reference the access list to make it work. Access lists can be applied
on either outbound or inbound interfaces. This section describes guidelines on how to accomplish this task
for both terminal lines and network interfaces.
For inbound access lists, after receiving a packet, Cisco IOS XR software checks the source MAC address of
the packet against the access list. If the access list permits the address, the software continues to process the
packet. If the access list rejects the address, the software discards the packet.
For outbound access lists, after receiving and routing a packet to a controlled interface, the software checks
the source MAC address of the packet against the access list. If the access list permits the address, the software
sends the packet. If the access list rejects the address, the software discards the packet.
section for information about how to apply an access list.
L2VPN and Ethernet Services Configuration Guide for Cisco ASR 9000 Series Routers, IOS XR Release 6.3.x
What to Do Next
Applying Ethernet
467
Advertisement
Table of Contents
