Netgear GSM4328PB CLI Manual Software Version 12.x - Page 960
mac access-group, deny | permit} any any, permit, rate-limit, control-plane
View all Netgear GSM4328PB manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 960 highlights
M4300 Intelligent Edge Series Fully Managed Stackable Switches Note: The special command form {deny | permit} any any is used to match all Ethernet layer 2 packets, and is the equivalent of the IP access list "match every" rule. The permit command's optional attribute rate-limit allows you to permit only the allowed rate of traffic as per the configured rate in kbps, and burst-size in kbytes. Command example: (NETGEAR Switch) (Config)#mac access-list extended mac1 (NETGEAR Switch) (Config-mac-access-list)#permit 00:00:00:00:aa:bb ff:ff:ff:ff:00:00 any rate-limit 32 16 (NETGEAR Switch) (Config-mac-access-list)#exit no sequence-number (MAC ACL) Use this command to remove the ACL rule with the specified sequence number from the ACL. Format Modes no sequence-number MAC-Access-List Config mac access-group This command either attaches a specific MAC Access Control List (ACL) identified by name to an interface or range of interfaces, or associates it with a VLAN ID, in a given direction. The name parameter must be the name of an existing MAC ACL. An optional sequence number may be specified to indicate the order of this mac access list relative to other mac access lists already assigned to this interface and direction. A lower number indicates higher precedence order. If a sequence number is already in use for this interface and direction, the specified mac access list replaces the currently attached mac access list using that sequence number. If the sequence number is not specified for this command, a sequence number that is one greater than the highest sequence number currently in use for this interface and direction is used. This command specified in Interface Config mode only affects a single interface, whereas the Global Config mode setting is applied to all interfaces. The vlan keyword and vlan-id argument are valid only in the Global Config mode. The Interface Config mode command is only available on platforms that support independent per-port class of service queue configuration. An optional control-plane is specified to apply the MAC ACL on CPU port. The control packets like BPDU are also dropped because of the implicit deny all rule added to the end of the list. To overcome this, permit rules must be added to allow the control packets. Quality of Service Commands 960 CLI Command Reference Manual