NETGEAR 7300S mac access-group <name> {in|out} [sequence <1-4294967295>]

User Manual for the NETGEAR 7300S Series Layer 3 Managed Switch Software

Quality of Service (QoS) Commands 11-3

202-10088-01, March 2005

The Ethertype may be specified as either a keyword or a four-digit hexadecimal value from

0x0600-0xFFFF. The currently supported <ethertypekey> values are: appletalk, arp, ibmsna,

ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, rarp. Each of these translates into

its equivalent Ethertype value(s).

The assign-queue parameter allows specification of a particular hardware queue for handling

traffic that matches this rule. The allowed <queue-id> value is 0-(n-1), where n is the number of

user configurable queues available for the hardware platform. The redirect parameter allows the

traffic matching this rule to be forwarded to the specified <slot/port>. The assign-queue and

redirect parameters are only valid for a 'permit' rule.

Format {deny|permit} {{<srcmac> <srcmacmask} | any} {{<dst-

mac> <dstmacmask>} | any | bpdu} [<ethertypekey> |

<0x0600-0xFFFF>] [vlan {{eq <0-4095>} | {range <0-

4095> <0-4095>}}] [cos <0-7>] [secondary-vlan {{eq <0-

4095>} | {range <0-4095> <0-4095>}}] [secondary-cos

<0-7>] [assign-queue <queue-id>] [redirect <slot/

port>]

Note that the special command form {deny|permit} any any is used to match all Ethernet layer 2

packets, and is the equivalent of the IP access list "match every" rule.

Mode Mac-Access-List Config

mac access-group <name> {in|out} [sequence <1-4294967295>]

This command attaches a specific MAC Access Control List (ACL) identified by <name> to an

interface in a given direction. The <name> parameter must be the name of an exsiting MAC ACL.

An optional sequence number may be specified to indicate the order of this access list relative to

other access lists already assigned to this interface and direction. A lower number indicates higher

precedence order. If a sequence number is already in use for this interface and direction, the

specified access list replaces the currently attached access list using that sequence number. If the

sequence number is not specified for this command, a sequence number that is one greater than the

highest sequence number currently in use for this interface and direction will be used.

This command specified in 'Interface Config' mode only affects a single interface, whereas the

'Global Config' mode setting is applied to all interfaces. The 'Interface Config' mode command is

only available on platforms that support independent per-port class of service queue configuration.

Format mac access-group <name> {in|out} [sequence <1-

4294967295>]

Mode Global Config or Interface Config