Support User Manuals

Dell 53-1002116-01 Network Card User Manual

Open as PDF

of 168

90 Dell Converged Enhanced Ethernet Administrator’s Guide

53-1002116-01

ACL configuration and management

9

If you need to add more rules between existing rules than the current sequence numbering allows,

you can use the resequence command to reassign sequence numbers. For detailed information,

see “Reordering the sequence numbers in a MAC ACL” on page 90.

Use a sequence number to specify the rule you wish to modify. Without a sequence number, a new

rule is added to the end of the list, and the existing rule is unchanged.

NOTE

Using the permit and deny keywords, you can create many different rules. The examples in this

section provide the basic knowledge needed to modify MAC ACLs.

NOTE

This example assumes that test_02 contains an existing rule number 100 with the “deny any any”

options.

To modify a MAC ACL, perform the following steps from Privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the mac command to specify the ACL called test_02 for modification.

switch(config)#mac access-list extended test_02

3. Enter the no seq command to delete the existing rule 100.

switch (config)#no seq 100

4. Enter the seq command to re create rule number 100 by recreating it with new parameters.

switch(conf-macl-ext)#seq 100 permit any any

Removing a MAC ACL

To remove a MAC ACL, perform the following steps from Privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the mac command to specify and delete the ACL that you want to remove. In this

example, the extended MAC ACL name is “test_02.”

The following example deletes the extended MAC ACL named “test_02.”

switch(config)#no mac access-list extended test_02

Reordering the sequence numbers in a MAC ACL

You can reorder the sequence numbers assigned to rules in a MAC ACL. Reordering the sequence

numbers is useful when you need to insert rules into an ACL and there are not enough available

sequence numbers.

The first rule receives the number specified by the starting-sequence number that you specify.

Each subsequent rule receives a number larger than the preceding rule. The difference in numbers

is determined by the increment number that you specify. The starting-sequence number and the

increment number must be in the range of 1 through 65535.

For example, in the task listed below the resequence command assigns a sequence number of

50 to the rule named test_02, then the second rule has a sequence number of 55 and the

third rule a has a sequence number of 60.

previous next