From: Nico van Niekerk (nico@vanniekerk.co.za)
Date: Wed Nov 03 2004 - 03:33:06 GMT-3
When defining a VACL, can you match different L2 lsap traffic in one mac ACL
(1) or do you need different mac ACL for each protocol (2)? Does it make a
difference?
(1)
mac access-list extended TEST
permit any any lsap 0xFEFE 0x0
permit any any lsap 0x4242 0x0
!
vlan access-map VACL 10
action forward
match mac address TEST
!
vlan access-map VACL 20
action drop
(2)
mac access-list extended ISIS
permit any any lsap 0xFEFE 0x0
!
mac access-list extended STP
permit any any lsap 0x4242 0x0
!
vlan access-map VACL 10
action forward
match mac address ISIS
!
vlan access-map VACL 20
action forward
match mac address STP
!
vlan access-map VACL 30
action drop
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:37 GMT-3