Information About Vlan Acls; Vacls And Access Maps; Vacls And Actions - Cisco AJ732A - MDS 9134 Fabric Switch Configuration Manual

Information About VLAN ACLs

S e n d f e e d b a c k t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m
To display or clear MAC ACL statistics, perform one of the following tasks:
Command
show mac access-lists
clear mac access-list counters
This example shows how to create a MAC ACL named acl-mac-01 and apply it to Ethernet interface 2/1,
which is a Layer 2 interface in this example:
mac access-list acl-mac-01
permit 00c0.4f00.0000 0000.00ff.ffff any
interface ethernet 2/1
mac access-group acl-mac-01
Information About VLAN ACLs
A VLAN ACL (VACL) is one application of a MAC ACL or IP ACL. You can configure VACLs to apply
to all packets that are bridged within a VLAN. VACLs are used strictly for security packet filtering.
VACLs are not defined by direction (ingress or egress).
For more information about types and applications of ACLs, see the
on page
This section includes the following topics:
•
•
•

VACLs and Access Maps

VACLs use access maps to link an IP ACL or a MAC ACL to an action. The switch takes the configured
action on packets permitted by the VACL.

VACLs and Actions

In access map configuration mode, you use the action command to specify one of the following actions:
•
•
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
20-14
20-1.
VACLs and Access Maps, page 20-14
VACLs and Actions, page 20-14
Statistics, page 20-15
Forward—Sends the traffic to the destination determined by normal operation of the switch.
Drop—Drops the traffic.
Chapter 20
Purpose
Displays MAC ACL configuration. If the MAC
ACL includes the statistics command, the show
mac access-lists command output includes the
number of packets that have matched each rule.
Clears statistics for all MAC ACLs or for a
specific MAC ACL.
"Information About ACLs" section
Configuring ACLs
OL-16597-01