Support User Manuals

AMX NXA-ENET24 Switch User Manual

Open as PDF

of 304

Configuring ACLs

77

NXA-ENET24 - Software Management Guide

Configuring a MAC ACL

Command Attributes

Command Usage

Egress MAC ACLs only work for destination-mac-known packets, not for multicast, broadcast, or destination-

mac-unknown packets.

Configuring a MAC ACL - Web

Specify the action (i.e., Permit or Deny). Specify the source and/or destination addresses. Select the address

type (Any, Host, or MAC).

 If you select “Host,” enter a specific address (e.g., 11-22-33-44-55-66).

 If you select “MAC,” enter a base address and a hexadecimal bitmask for an address range.

Set any other required criteria, such as VID, Ethernet type, or packet format. Then click Add.

FIG. 76 Configuring Extended ACLs

Command Attributes

• Action: An ACL can contain permit rules, deny rules, or a combination of both.

(Default: Permit rules)

• Source/Destination

Address Type:

Use “Any” to include all possible addresses, “Host” to indicate a specific MAC

address, or “MAC” to specify an address range with the Address and Bitmask fields.

• Options: Any, Host, MAC

• Default: Any

• Source/Destination

MAC Address:

Source or destination MAC address.

• Source/Destination

Bitmask:

Hexadecimal mask for source or destination MAC address.

•VID: VLAN ID. (Range: 1-4095)

• VID Mask: VLAN bitmask. (Range: 1-4095)

• Ethernet Type: This option can only be used to filter Ethernet II formatted packets.

• Range: 600-fff hex.

• A detailed listing of Ethernet protocol types can be found in RFC 1060. A few of the

more common types include 0800 (IP), 0806 (ARP), 8137 (IPX).

• Ethernet Type

Bitmask:

Protocol bitmask. (Range: 600-fff hex.)

• Packet Format: This attribute includes the following packet types:

• Any – Any Ethernet packet type.

• Untagged-eth2 – Untagged Ethernet II packets.

• Untagged-802.3 – Untagged Ethernet 802.3 packets.

• Tagged-eth2 – Tagged Ethernet II packets.

• Tagged-802.3 – Tagged Ethernet 802.3 packets.

• Packet Format

Bitmask:

This attribute includes the following packet types:

• Any – Any Ethernet packet type.

• Untagged-eth2 – Untagged Ethernet II packets.

• Untagged-802.3 – Untagged Ethernet 802.3 packets.

• Tagged-eth2 – Tagged Ethernet II packets.

• Tagged-802.3 – Tagged Ethernet 802.3 packets.

previous next