Mac Access-List - Cisco Nexus 5500 Series Command Reference Manual

mac access-list

mac access-list
To create a Media Access Control (MAC) access control list (ACL) or to enter MAC access list
configuration mode for a specific ACL, use the mac access-list command. To remove a MAC ACL, use
the no form of this command.
Syntax Description
access-list-name
Command Default
No MAC ACLs are defined by default.
Command Modes Global configuration mode
Command History Release
5.2(1)N1(1)
Usage Guidelines
Use MAC ACLs to filter non-IP traffic.
When you use the mac access-list command, the switch enters MAC access list configuration mode,
where you can use the MAC deny and permit commands to configure rules for the ACL. If the ACL
specified does not exist, the switch creates it when you enter this command.
Use the mac access-group command to apply the ACL to an interface.
Every MAC ACL has the following implicit rule as its last rule:
deny any any protocol
This implicit rule ensures that the switch denies the unmatched traffic, regardless of the protocol
specified in the Layer 2 header of the traffic.
Examples
This example shows how to enter MAC access list configuration mode for a MAC ACL named
mac-acl-01:
switch(config)# mac access-list mac-acl-01
switch(config-acl)#
Related Commands Command
deny (MAC)
mac access-group
Cisco Nexus 5500 Series NX-OS Security Command Reference
146
mac access-list access-list-name
no mac access-list access-list-name
Name of the MAC ACL, which can be up to 64 alphanumeric, case-sensitive
characters long.
Modification
This command was introduced.
Description
Configures a deny rule in a MAC ACL.
Applies a MAC ACL to an interface.
Chapter M Commands
OL-27883-02