From: Rick Lowery (ccie_2003@xxxxxxxxxxx)
Date: Thu Aug 22 2002 - 23:25:25 GMT-3
There is not much documentation on this at all. I don't understand how to
configure a MAC adddress mask. I know these are great for filtering non-IP
traffic, but can someone show an example with filtering ip traffic?
Thanks,
Rick
Step 1
configure terminal
Enter global configuration mode.
Step 2
mac access-list extended name
Define an extended MAC access list by using a name.
Step 3
{deny | permit} {any | host source MAC address} {any | host destination
MAC address} [aarp | amber | appletalk | dec-spanning | decnet-iv | diagnostic
| dsm | etype-6000 | etype-8042 | lat | lavc-sca | mop-console | mop-dump |
msdos | mumps | netbios | vines-echo |vines-ip | xns-idp]
In extended MAC access-list configuration mode, specify to permit or deny
any source MAC address or a specific host source MAC address and any
destination MAC address.
(Optional) You can also enter these options:
aarp | amber | appletalk | dec-spanning | decnet-iv | diagnostic | dsm
| etype-6000 | etype-8042 | lat | lavc-sca | mop-console | mop-dump | msdos |
mumps | netbios | vines-echo |vines-ip | xns-idp-(a non-IP protocol).
Step 4
end
Return to privileged EXEC mode.
**This is me on my switch!!!!
3550(config)#mac access-list extended MYNAME
3550(config-ext-macl)#per
3550(config-ext-macl)#permit ?
H.H.H 48-bit source MAC address
any any source MAC address
host A single source host
3550(config-ext-macl)#permit d1.d2.d3 ?
H.H.H 48-bit source MAC address mask
3550(config-ext-macl)#permit d1.d2.d3
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:34 GMT-3