HP Mellanox SX1018 Mellanox MLNX-OS® User Manualfor SX1018HP Ethernet - Page 79
Access Control List
View all HP Mellanox SX1018 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 79 highlights
Rev 1.6.9 Step 5. Run the command show dcb ets to verify the configuration. switch (config) # show dcb ets ETS enabled TC Bandwidth 0 30% 1 30% 2 10% 3 30% Number of Traffic Class: 4 switch (config) # 5.9 Access Control List An Access Control List (ACL) is a list of permissions attached to an object, to filter or match switches packets. When the pattern is matched at the hardware lookup engine, a specified action (e.g. permit/deny) is applied. The rule fields represent flow characteristics such as source and destination addresses, protocol and VLAN ID. ACL support currently allows actions of permit or deny rules, and supports only ingress direction. ACL search pattern can be taken from either L2 or L3 fields, e.g L2/L3 source and destination addresses, protocol, VLAN ID and priority or TCP port. 5.9.1 Configuring Access Control List Access Control List (ACL) is configured by the user and is applied to a port once the ACL search engine matches search criteria with a received packet. To configure ACL: Step 1. Log in as admin. Step 2. Enter config mode. Run: switch > enable switch # configure terminal Step 3. Create a MAC / IPv4 ACL (access-list) entity. switch (config) mac access-list mac-acl switch (config mac access-list mac-acl) # Step 4. Add a MAC / IP rules to the appropriate access-list. switch (config mac access-list mac-acl)seq-number 10 deny 0a:0a:0a:0a:0a:0a mask ff:ff:ff:ff:ff:ff any vlan 6 cos 2 protocol 80 switch (config mac access-list mac-acl) # Step 5. Bind the created access-list to an interface (slot/port or port-channel). switch (config) switch (config) # interface ethernet 1/1 switch (config interface ethernet 1/1) # mac port access-group mac-acl Mellanox Technologies 79 Mellanox Technologies Confidential