From: M S (michaelgstout@hotmail.com)
Date: Tue Dec 12 2006 - 17:55:23 ART
Hello all:
I too have encounterd a simular problem.
It appears that this email was lost among all of the others:
Is anybody able to explain the difference between the vlan access-map and
the extended mac access-list
Thank you very much.
--------------------------------------------------------------------
From: JB <jellyboy@gmail.com>
Reply-To: JB <jellyboy@gmail.com>
To: "ccielab@groupstudy.com" <ccielab@groupstudy.com>
Subject: MAC ACL Vs Vlan access-map
Date: Mon, 11 Dec 2006 14:01:50 +0000
Dear all, Q refers to IEWB Lab6 9.1, but it is a general question
anyways. The task asks to filter DEC spanning tree bpdus and offers a
clan access-map as the solution:
vlan access-map DECNET 10
action drop
match mac address DECNET
vlan access-map DECNET 20
action forward
match mac address ANY>>MAC
vlan filter DECNET vlan-list 363
mac access-list extended ANY>>MAC
permit any any
mac access-list extended DECNET
permit any any dec-spanning
I fully understand the technology here, but I am wondering if an
extended mac ACL here would also work and have *exactly* the same
functionality?
All VL363 ports are access ports in this example:
mac access-list extended DECNET
deny any any dec-spanning
permit any any
interface FastEthernet0/24
switchport access vlan 363
switchport mode access
mac access-group DECNET in
!
TIA,
BTW, Thanks Brians for hosting that online session- it was extremely
informative!!
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
------------------------------------------------------------------------
Talk now to your Hotmail contacts with Windows Live Messenger.
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART