home

Software

NetworkingStorageSoftware
NetworkingStorageSoftware

Celestica Documentation Portal

Find your product documents here

Show Contents

thumbnailSoftware

MAC ACL Commands

MAC Access-list rules create and delete

Adds new rules for the MAC access-list from the config-mac-acl mode.

Syntaxsequence <seq-number> {permit | deny} {any | <src-mac-address> | <src-mask-address>} {any | <dst-mac-address> | <dst-mask-address>} [ <Ether-type> | arp | ip | ipv6]
Command modeACL MAC mode
Parameters

  • seq-number – Sequence number for the ACL rule. Range: 1 – 65535.

  • permit – Forward the traffic.

  • deny – Drop the traffic.

  • any – Keyword for matching any MAC address.

  • src-mac-address – Source MAC address of the format nn:nn:nn:nn:nn:nn, where n is any number in the range of 0 – f.

  • src-mask-address – Source mask MAC address.

  • dst-mac-address – Destination MAC address of the format nn:nn:nn:nn:nn:nn, where n is any number in the range of 0 – f.

  • dst-mask-address – Destination mask MAC address.

  • Ether-type – (0x600-0xffff) Ether type (0x0800, 0x0806, 0x86dd, 0x8847, 0x88cc, 0x8915)

Usage Use no sequence <sequence-number> to remove the access-list rule corresponding to given sequence number.
Supported Releases 1.0.0 or later
Click commandconfig acl update {full | incremental} <filename>

  • full – Full update of ACL rules configuration.

  • incremental – Incremental update of ACL rule configuration.

Example 
sonic(config)# mac access-list mac_access_name
sonic(config-mac-acl)# sequence 1 permit any any ip
sonic(config-mac-acl)# sequence 2 deny 11:11:11:11:11:11 ff:ff:ff:ff:ff:ff 22:22:22:22:22:22 ff:ff:ff:ff:ff:ff arp

sonic# configure terminal
sonic(config)# mac access-list mac_access_name
sonic(config-mac-acl)# no sequence 1
sonic(config-mac-acl)# no sequence 2

Last updated: October 8, 2024