Ethertype
0x0806
0x0842
0x8035
0x8100
0x86DD
0x8808
0x8809
0x8870
0x888E
0x88CC
0x8906
0x8914
0x9100
In order to provide the greatest amount of flexibility in configuring ACLs, the
permit/deny syntax allows combinations of matching criteria that may not
make sense when applied in practice.
Port ranges are not supported for ACLs configured in egress (out) access-
groups. This means that only the eq operator is supported in an egress (out)
ACL.
The protocol type must be sctp, tcp or udp to specify a port range.
The fragment keyword is not supported for ACLs configured in egress (out)
IPv4 access-groups.
The rate-limit command is not supported for ACLs configured in egress (out)
IPv4 access-groups on the N4000 switches. Rate limits are only valid for
permit rules.
Any – is equivalent to 0.0.0.0 255.255.255.255 for IPv4 access lists
Host – indicates specified address with mask equal to 255.255.255.255 and
address 0.0.0.0 for IPv4.
Protocol
Address Resolution Protocol (ARP)
Wake-on LAN Packet
Reverse Address Resolution Protocol (RARP)
VLAN tagged frame (IEEE 802.1Q)
Internet Protocol version 6 (IPv6)
MAC Control
Slow Protocols (IEEE 802.3)
Jumbo frames
EAP over LAN (EAPOL – IEEE 802.1x)
Link Layer Discovery Protocol
Fibre Channel over Ethernet
FCoE Initialization Protocol
Q in Q
Layer 2 Switching Commands
269