[c-nsp] nexus logging L3 ACL and mac source ?
Phil Mayers
p.mayers at imperial.ac.uk
Mon Jun 24 10:32:46 EDT 2013
On 24/06/13 15:29, Jeffrey G. Fitzwater wrote:
> In IOS when we had an L3 ACL with "deny log-input" the log entry would show the VLAN and MAC SRC for ACE hit….
This was always platform- and context-dependent.
e.g. On 6500, only CPU-punted packets would even be ACL-logged, unless
you were using OAL.
>
> %SEC-6-IPACCESSLOGP: list router-in denied udp n.n.n.n(137) (Vlan176 00de.adee.675a) -> n.n.n.n(137), 67 packets
>
>
> But in NX-OS this does not appear possible with 6.1.2.
In what context are you applying the ACL?
More information about the cisco-nsp
mailing list