Resequence mac access-list name starting-sequence-number increment Example: switch(config)# resequence mac access-list acl-mac-01 100 10Īssigns sequence numbers to the rules contained in the ACL, where the first rule receives the number specified by the starting-sequence resequence mac access-list name starting-sequence-number incrementĬonfigure terminal Example: switch# configure terminal.Into an ACL and there are not enough available sequence numbers. Resequencing is useful when you need to insert rules You can change all the sequence numbers assigned to rules in a MAC ACL.
Show mac access-lists name Example: switch(config-mac-acl)# show mac access-lists acl-mac-01Ĭopy running-config startup-config Example: switch(config-mac-acl)# copy running-config startup-configĬopies the running configuration to the startup configuration. The no option stops the device from maintaining global statistics for the ACL. Specifies that the device maintains global statistics for packets that match the rules in the ACL. statistics per-entry Example: switch(config-mac-acl)# statistics per-entry
For more information, see the Cisco Nexus 7000 Series NX-OS Security Command Reference.
The permit and deny commands support many ways of identifying traffic. Removes the rule that you specify from the MAC ACL.
This table lists the default settings for MAC ACL parameters. Not supported if the DHCP snooping feature is enabled. If youĮnable MAC packet classification on the VLANs, the basic functionalities will break on these protocols.ĪCL that is on the interface applies to all traffic entering the interface,Ĭannot apply an IP port ACL on the interface.ĪCL that is on the interface applies only to non-IP traffic entering theĮnabling or Disabling MAC Packet Classification Prerequisites forįollowing configuration guidelines and limitations: MAC packet classification does not work on the Layer 3 control plane protocols such as HSRP, VRRP, OSPF, and so on. Interface applies to all traffic entering the interface, including IP traffic, MAC ACLs share many fundamental concepts with IP ACLs,Ĭlassification allows you to control whether a MAC ACL that is on a Layer 2 MAC ACLs are ACLs that use information in the Layer 2 header of packets See a list of the releases in which each feature is supported, see the "New and Changed Information"chapter or the Feature To find information about the features documented in this module, and to
See the Bug Search Tool at and the release notes for your software release. For the latest caveats and feature information, Your software release might not support all the features documented in this module.