•
802.1p priority (VLAN priority).
•
Link layer protocol type.
To configure a Layer 2 ACL:
Step
1.
Enter system view.
2.
Create a Layer 2 ACL and
enter its view.
3.
(Optional.)
description for the Layer 2
ACL.
4.
(Optional.)
numbering step.
5.
Create or edit a rule.
6.
(Optional.) Add or edit a rule
comment.
Copying an ACL
You can create an ACL by copying an existing ACL (source ACL). The new ACL (destination ACL)
has the same properties and content as the source ACL, but uses a different number or name than
the source ACL.
To successfully copy an ACL, make sure:
•
The destination ACL number is from the same type as the source ACL number.
•
The source ACL already exists, but the destination ACL does not.
To copy an ACL:
Step
1.
Enter system view.
2.
Copy an existing ACL to create a new ACL.
Command
system-view
acl mac { acl-number | name
acl-name } [ match-order { auto |
config } ]
Configure
a
description text
Set
the
rule
step step-value
rule [ rule-id ] { deny | permit }
[
cos
dest-mac
dest-mask | { lsap lsap-type
lsap-type-mask
protocol-type
protocol-type-mask
source-mac
source-mask
time-range-name ] *
rule rule-id comment text
dot1p
|
counting
|
dest-address
|
type
}
|
source-address
|
time-range
Command
system-view
acl [ ipv6 | mac ] copy { source-acl-number | name
source-acl-name } to { dest-acl-number | name
dest-acl-name }
14
Remarks
N/A
By default, no ACLs exist.
The value range for a numbered
Layer 2 ACL is 4000 to 4999.
Use the acl mac acl-number
command to enter the view of a
numbered Layer 2 ACL.
Use the acl mac name acl-name
command to enter the view of a
named Layer 2 ACL.
By default, a Layer 2 ACL does
not have a description.
The default setting is 5.
,
By default
no Layer 2 ACL rules
exist.
By default, no rule comment is
configured.