Example Configuration For Mac Acls; Information About Vlan Acls; Vacls And Access Maps; Vacls And Actions - Cisco Nexus 5000 Series Configuration Manual

VACLs and Access Maps

SUMMARY STEPS
1. switch# show mac access-lists
2. switch# clear mac access-list counters
DETAILED STEPS
Command or Action
Step 1
switch# show mac access-lists
Step 2
switch# clear mac access-list counters

Example Configuration for MAC ACLs

This example shows how to create a MAC ACL named acl-mac-01 and apply it to Ethernet interface 1/1:
switch# configure terminal
switch(config)# mac access-list acl-mac-01
switch(config-mac-acl)# permit 00c0.4f00.0000 0000.00ff.ffff any
switch(config-mac-acl)# exit
switch(config)# interface ethernet 1/1
switch(config-if)# mac access-group acl-mac-01

Information About VLAN ACLs

A VLAN ACL (VACL) is one application of a MAC ACL or IP ACL. You can configure VACLs to apply
to all packets that are bridged within a VLAN. VACLs are used strictly for security packet filtering. VACLs
are not defined by direction (ingress or egress).
VACLs and Access Maps
VACLs use access maps to link an IP ACL or a MAC ACL to an action. The switch takes the configured
action on packets permitted by the VACL.

VACLs and Actions

In access map configuration mode, you use the action command to specify one of the following actions:
• Forward—Sends the traffic to the destination determined by normal operation of the switch.
• Drop—Drops the traffic.
OL-20919-01
Purpose
Displays MAC ACL configuration. If the MAC ACL includes the
statistics command, the show mac access-lists command output includes
the number of packets that have matched each rule.
Clears statistics for all MAC ACLs or for a specific MAC ACL.
Cisco Nexus 5000 Series NX-OS Security Configuration Guide

Example Configuration for MAC ACLs

89