I have one problem here. I just want to know: is it possible to block host-to-host communication in the same VLAN, controlled via ACLs on the switches?
I found a Cisco document, but it is not working.
Are both hosts connected on the access switch? If so, you need to configure this on the access switch because L2 traffic doesn't go to the distribution switch.
Also, I wouldn't put the 0x806 and 0x0 in the ACL. This prevents all traffic between these two MAC addresses. You should also put in the reverse entry.
mac access-list extended test
 permit host 0016.e678.0ae0 host 0011.43bb.0ebe
 permit host 0011.43bb.0ebe host 0016.e678.0ae0