Deny Ether-Type - Dell Force10 Z9000 Reference Manual
Ftos command line reference guide for the z9000 system ftos 9.1.(0.0)
Hide thumbs
Also See for Force10 Z9000:
- Configuration manual (984 pages) ,
- Manual (56 pages) ,
- Quick start manual (25 pages)
Table of Contents
Advertisement
The monitor option is relevant in the context of flow-based monitoring only. For more
information, refer to the
When you use the log option, the CP processor logs details the packets that match.
Depending on how many packets match the log entry and at what rate, the CP may become
busy as it has to log these packets' details.
You cannot include IP, TCP or UDP (Layer 3) filters in an ACL configured with ARP or Ether-type
(Layer 2) filters. Apply Layer 2 ACLs (ARP and Ether-type) to Layer 2 interfaces only.
deny ether-type
Configure an egress filter that drops specified types of Ethernet packets on egress ACL supported line cards. (For more
information, refer to your line card documentation).
E-Series
Syntax
deny ether-type protocol-type-number {destination-mac-address
mac-address-mask | any} vlan vlan-id {source-mac-address mac-
address-mask | any} [count [byte] | log] [order] [monitor]
To remove this filter, you have two choices:
Parameters
protocol-type-
number
destination-mac-
address mac-
address-mask
any
vlan
source-mac-
address mac-
address-mask
230
Port
Monitoring.
NOTE: When ACL logging and byte counters are configured simultaneously, byte counters
may display an incorrect value. Configure packet counters with logging instead.
•
Use the no seq sequence-number command if you know the filter's sequence
number.
•
Use the no deny ether-type protocol-type-number
{destination-mac-address mac-address-mask | any} vlan
vlan-id {source-mac-address mac-address-mask | any}
command.
Enter a number from 600 to FFFF as the specific Ethernet type traffic
to drop.
Enter a MAC address and mask in the nn:nn:nn:nn:nn format.
For the MAC address mask, specify which bits in the MAC address
must match.
The MAC ACL supports an inverse mask; therefore, a mask of
ff:ff:ff:ff:ff:ff allows entries that do not match and a mask of
00:00:00:00:00:00 only allows entries that match exactly.
Enter the keyword any to match and drop specific Ethernet traffic on
the interface.
vlan-id
Enter the keyword vlan and then enter the VLAN ID to filter traffic
associated with a specific VLAN. The range is 1 to 4094 and 1 to 2094
for ExaScale ( you can use IDs 1 to 4094). To filter all VLAN traffic,
specify VLAN 1.
Enter a MAC address and mask in the nn:nn:nn:nn:nn format.
For the MAC address mask, specify which bits in the MAC address
must match.
Advertisement
Table of Contents
