how to configure PACL with mac acccess-lists, but then they state the following:
A MAC access list filters ingress packets that are of an unsupported type (not IP, IPv6, ARP, or MPLS packets) based on the fields of the Ethernet datagram. A MAC access list is not applied to IP, IPv6, MPLS, or ARP messages. You can define only named MAC access lists
From this phrase I understand that mac access-list filtering on L2 ports in C6500 is not working for, let's say, well-known traffic.
I believe it's not working as we know it from 3560, 3550 (configured as L2/L3 switches) due to the ways packets are processed by SP / RP on 65k.
I know that I can do mac filtering with VACL, but that's not what I want to discuss here
Any of you found any utility to mac access-lists filtering on C6500? How or for what I suppose to use it on C6500?
Please let me know if I have misunderstood something after reading the above posted document and if indeed mac access-list is working on C6500 (to filer all traffic including IP).
Hi, I was planning to use this feature in a new design, not actually tried it yet though. However I looked up Protocol Independent MAC ACL filtering on the Cisco feature navigator, I need it for a 6500 with sup720 running 12.2.33, apparently its supported in SXJ ipbase.
This is the description of the feature:
Protocol-independent MAC ACL filtering applies MAC ACLs to all ingress traffic types (for example, IPv4 traffic, IPv6 traffic, and MPLS traffic, in addition to MAC-layer traffic). I think this is the same feature you are talking about.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...