[c-nsp] MAC ACL on CBS3020
Lukas Tribus
luky-37 at hotmail.com
Wed Dec 24 09:36:39 EST 2014
> ... and that did exactly nothing, as in "packets continue to flow" and
> "show access-list hardware counter" shows exactly no "Drop" hits either.
Iirc, at least on some platforms, mac access-list only match non-IP traffic. So when we are talking IP (or IPv6) traffic, you probably wanna try an actual IP access-list (an ipv6 access-list in this case).
You may need to apply such ACLs to the vlan (via vlan-maps), not directly to the port.
But this is very platform specific, so YMMV.
lukas
More information about the cisco-nsp
mailing list