8 permit (extended ACLs)

permit (extended ACLs)

Configures a MAC address rule to permit traffic based on the source and destination MAC addresses.

Synopsis

permit {any host MAC _ACLMAC_ACL} {any host MAC _ACL MAC _ACL} [EtherType arp

 

fcoe ipv4] [count]

 

 

no permit {any host MAC _ACLMAC_ACL} {any host MAC _ACL MAC _ACL} [EtherType arp

 

fcoe ipv4]

 

Operands

any

Specifies any source MAC address.

 

host MAC_ACL

Specifies the source host MAC address for which to set permit conditions.

 

 

Use the format HHHH.HHHH.HHHH.

 

MAC_ACL

Specifies the source host MAC address for which to set permit conditions.

 

 

Use the format HHHH.HHHH.HHHH.

 

any

Specifies any destination MAC address.

 

host MAC_ACL

Specifies the destination host address for which to set permit conditions. Use

 

 

the format HHHH.HHHH.HHHH.

 

MAC_ACL

Specifies the destination host address for which to set permit conditions. Use

 

 

the format HHHH.HHHH.HHHH.

 

Ethertype

Specifies the protocol number for which to set the permit conditions. The

 

 

range of valid values is 1536-65535.

 

arp

Specifies to permit the Address Resolution Protocol (0x0806).

 

fcoe

Specifies to permit the Fibre Channel over Ethernet Protocol (0x8906).

 

ipv4

Specifies to permit the IPv4 protocol (0x0800).

 

count

Enables counting of the packets matching the filter rule.

Defaults

By default, no MAC ACLs are configured.

Command

Feature Access Control List Configuration mode

Modes

 

 

Description

Use this command to configure rules to match and to permit traffic based on the source and

 

destination MAC addresses, and the protocol type. You can also enable counters for a specific rule.

 

There are 255 ACL counters supported per port group. Use the no permit command to remove a

 

rule from the MAC ACL.

Usage

The first set of {any host MAC_ACL MAC_ACL} parameters is specific to the source MAC

Guidelines

address. The second set of {any host MAC_ACL MAC_ACL} parameters is specific to the

 

destination MAC address.

Example

To create a rule in a MAC extended ACL to permit IPv4 traffic from the source MAC address

 

0022.3333.4444 to the destination MAC address 0022.3333.5555 and to enable the counting of

 

packets:

 

switch(conf-macl-ext)#permit 0022.3333.4444 0022.3333.5555 ipv4 count

116

Converged Enhanced Ethernet Command Reference

 

53-1001762-01

Page 133 Page 135
Page 134
Image 134
Brocade Communications Systems 53-1001762-01 manual Permit extended ACLs, Fcoe ipv4 count
Page 133 Page 135

53-1001762-01 specifications

Brocade Communications Systems 53-1001762-01 is a sophisticated network switch designed primarily for enterprise-level data centers and modern virtualization environments. This device exemplifies the company’s dedication to providing high-performance, reliable, and scalable network solutions.

One of the main features of the Brocade 53-1001762-01 is its exceptional layer 2 and layer 3 switching capabilities. This allows for seamless connectivity across various network layers, optimizing data traffic management and improving overall network efficiency. With its support for multiple protocols, including Ethernet and Fibre Channel, the switch is adaptable to various networking needs.

In terms of technology, the Brocade 53-1001762-01 leverages advanced ASIC (Application-Specific Integrated Circuit) technology, ensuring low latency and high throughput. This is particularly beneficial for applications that require real-time data processing, such as video streaming, high-frequency trading, and large-scale database operations. The switch supports high bandwidth throughput, enabling organizations to handle increased data loads without compromising performance.

Scalability is another critical characteristic of the Brocade 53-1001762-01. It allows for stackable configurations, enabling businesses to easily expand their network infrastructure as demands grow. The device supports Virtual Chassis technology, which allows multiple switches to be managed as a single unit, simplifying network management and reducing operational costs.

Security features in the Brocade 53-1001762-01 address the growing need for robust protection against cyber threats. It supports various security protocols and provides tools for network segmentation, traffic encryption, and secure access control. These features are crucial for complying with regulatory standards and safeguarding sensitive data in enterprise environments.

Moreover, the Brocade 53-1001762-01 is designed with energy efficiency in mind, presenting organizations with a sustainable solution that reduces power consumption without sacrificing performance. This is particularly important as businesses seek to minimize their carbon footprint and operational costs.

In summary, the Brocade Communications Systems 53-1001762-01 is a versatile, high-performance network switch that stands out for its advanced networking capabilities, scalability, robust security features, and energy efficiency. It empowers organizations to build and maintain efficient, secure, and future-proof networking environments.
Top Page Image Contents