Configuring a MAC ACL to Allow Network Traffic

To allow IPv4 network traffic from MAC address, 01:80:c2:00:00:0X, for the scope fabric, create the MAC ACL, allow-MAC, using the following syntax:

CLI network-admin@Leaf1>acl-mac-create name allow-mac action permit src-mac 01:80:c2:00:00:0X ether-type ipv4 scope fabric

To review the configuration, use the acl-mac-show command:

CLI network-admin@Leaf1>acl-mac-show name deny-mac layout vertical

name:                        deny-mac

id:                          b000015:12

action:                      deny

src-mac:                     01:80:c2:00:00:0X

dst-mac:                     00:00:00:00:00:00

dst-mac-mask:                aa:aa:aa:aa:aa:aa

ether-type:                  ipv4

vlan:                        0

scope:                       fabric

port:                        0

 

To delete the ACL configuration, use the acl-mac-delete command.

To modify the ACL configuration, use the acl-mac-modify command.