Cisco Nexus 5500 Series Command Reference Manual page 224
Nx-os security command reference
Hide thumbs
Also See for Nexus 5500 Series:
- Hardware installation manual (142 pages) ,
- Command reference manual (460 pages) ,
- Configuration manual (160 pages)
Table of Contents
Advertisement
permit (MAC)
Command History
Release
5.2(1)N1(1)
Usage Guidelines
When the switch applies a MAC ACL to a packet, it evaluates the packet with every rule in the ACL. The
switch enforces the first rule whose conditions are satisfied by the packet. When the conditions of more
than one rule are satisfied, the switch enforces the rule with the lowest sequence number.
Source and Destination
You can specify the source and destination arguments in one of two ways. In each rule, the method you
use to specify one of these arguments does not affect how you specify the other. When you configure a
rule, use the following methods to specify the source and destination arguments:
•
•
MAC Protocols
The protocol argument can be the MAC protocol number or a keyword. The protocol number is a
four-byte hexadecimal number prefixed with 0x. Valid protocol numbers are from 0x0 to 0xffff. Valid
keywords are the following:
•
•
•
•
•
•
•
•
•
•
•
•
Cisco Nexus 5500 Series NX-OS Security Command Reference
210
Modification
This command was introduced.
Address and mask—You can use a MAC address followed by a mask to specify a single address or
a group of addresses. The syntax is as follows:
MAC-address MAC-mask
This example specifies the source argument with the MAC address 00c0.4f03.0a72:
switch(config-acl)# permit 00c0.4f03.0a72 0000.0000.0000 any
This example specifies the destination argument with a MAC address for all hosts with a MAC
vendor code of 00603e:
switch(config-acl)# permit any 0060.3e00.0000 0000.0000.0000
Any address—You can use the any keyword to specify that a source or destination is any MAC
address. For examples of the use of the any keyword, see the examples in this section. Each of the
examples shows how to specify a source or destination by using the any keyword.
aarp—Appletalk ARP (0x80f3)
appletalk—Appletalk (0x809b)
decnet-iv—DECnet Phase IV (0x6003)
diagnostic—DEC Diagnostic Protocol (0x6005)
etype-6000—Ethertype 0x6000 (0x6000)
etype-8042—Ethertype 0x8042 (0x8042)
ip—Internet Protocol v4 (0x0800)
lat—DEC LAT (0x6004)
lavc-sca—DEC LAVC, SCA (0x6007)
mop-console—DEC MOP Remote console (0x6002)
mop-dump—DEC MOP dump (0x6001)
vines-echo—VINES Echo (0x0baf)
Chapter
P Commands
OL-27883-02
- Quick Links:
- Show Ip Arp
Hide quick links:
Advertisement
Table of Contents
