Configuring A Layer 2 Acl With Aces On A Service Instance - Cisco NCS 4200 Series Configuration Manual

Layer 2 Access Control Lists on EVCs
Command or Action
Step 5
encapsulation dot1q vlan-id
Example:
Device(config-if-srv)# encapsulation dot1q 100
Step 6 mac access-group access-list-name in
Example:
Device(config-if-srv)# mac access-group
test-12-acl in
Step 7 bridge -domain bridge-id in
Example:
Device(config-if-srv)# bridge-domain 100

Configuring a Layer 2 ACL with ACEs on a Service Instance

Perform this task to configure the same ACL with three ACEs and stop all other traffic on a service instance.
SUMMARY STEPS
1. enable
2. configure terminal
3. mac access-list extended name
4. permit {src-mac mask | any} {dest-mac mask | any}
5. permit {src-mac mask | any} {dest-mac mask | any}
6. permit {src-mac mask | any} {dest-mac mask} | any}
7. deny any any
8. exit
9. interface type number
10. service instance id ethernet
11. encapsulation dot1q vlan-id
12. mac access-group access-list-name in
DETAILED STEPS
Command or Action
Step 1
enable
Configuring a Layer 2 ACL with ACEs on a Service Instance
Purpose
Defines the matching criteria to be used in order to map
ingress dot1q frames on an interface to the appropriate
service instance.
Applies a MAC ACL to control incoming traffic on the
interface.
Configure the bridge domain ID.
Purpose
Enables privileged EXEC mode.
Layer 2 Configuration Guide for Cisco NCS 4200 Series
29