Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

MAC ACL by CLI

Hi there ... I have a SG300 with MAC ACL. Is there a way to add more entries by CLI setting the priority? I know I can do that by GUI, but when I need to enter like 10 new entries, it'd be much faster to do it by CLI, but I couldn't find a way tell what priority I want the new entries

Thanks

1 REPLY

Re: MAC ACL by CLI

Hi Larry,

You are correct there isn't a priority option in the CLI, but only in the GUI.

The priority of the subsequent ACE  entry will be lower  than the previous entry, but it is reflected as a higher number..

It is what it is. .

When i look at the following list taken from my SG300-10P i can see quite clearly order of priority in which the entries are processed.

I must admit it would be easier to insert a entry into the middle of the ACE entries,  if I could specify a priority number and one was shown in CLI. 

But persoanlly from my perspective it doesn't seem like that much of a big deal to me..but that is my personal perspective .

mac access-list extended restrict@L2

permit 00:00:00:00:00:10 00:00:00:00:00:00 00:00:00:00:00:01 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:11 00:00:00:00:00:00 00:00:00:00:00:02 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:12 00:00:00:00:00:00 00:00:00:00:00:03 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:13 00:00:00:00:00:00 00:00:00:00:00:04 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:14 00:00:00:00:00:00 00:00:00:00:00:05 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:15 00:00:00:00:00:00 00:00:00:00:00:06 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:16 00:00:00:00:00:00 00:00:00:00:00:07 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:17 00:00:00:00:00:00 00:00:00:00:00:08 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:18 00:00:00:00:00:00 00:00:00:00:00:09 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:20 00:00:00:00:00:00 00:00:00:00:00:01 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:21 00:00:00:00:00:00 00:00:00:00:00:02 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:22 00:00:00:00:00:00 00:00:00:00:00:03 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:23 00:00:00:00:00:00 00:00:00:00:00:04 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:24 00:00:00:00:00:00 00:00:00:00:00:05 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:25 00:00:00:00:00:00 00:00:00:00:00:06 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:26 00:00:00:00:00:00 00:00:00:00:00:07 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:27 00:00:00:00:00:00 00:00:00:00:00:08 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:28 00:00:00:00:00:00 00:00:00:00:00:09 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:30 00:00:00:00:00:00 00:00:00:00:00:01 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:31 00:00:00:00:00:00 00:00:00:00:00:02 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:32 00:00:00:00:00:00 00:00:00:00:00:03 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:33 00:00:00:00:00:00 00:00:00:00:00:04 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:34 00:00:00:00:00:00 00:00:00:00:00:05 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:35 00:00:00:00:00:00 00:00:00:00:00:06 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:36 00:00:00:00:00:00 00:00:00:00:00:07 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:37 00:00:00:00:00:00 00:00:00:00:00:08 00:00:00:00:00:00 vlan 100

permit 00:00:00:00:00:38 00:00:00:00:00:00 00:00:00:00:00:09 00:00:00:00:00:00 vlan 100

permit any any vlan 100

Which is reflected in the GUI with a priority number, 1 being the highest priority and

2147483647 being the lowest priority.

701
Views
0
Helpful
1
Replies
CreatePlease to create content