Switch Anchorage ACLs
You can administer anchorage ACLs to alone layer-2 interfaces on your switches. Why? They’re supported
only on concrete interfaces, that’s why. Another acceptable affair to accumulate in apperception is that you can
apply them alone as entering lists on your interfaces as well.
Port ACLs ascendancy IP cartage via IP admission lists. Any non-IP cartage is filtered through the use
of MAC addresses. And alike admitting you can administer both types of clarify to a distinct interface,
you get to administer alone one of each. If you try a put an added ACL of either blazon on an interface
that already has them in place, the new one will override the one you had there before.
So, it’s a acceptable abstraction to be accurate here—look afore you leap.
Let’s analysis out the admission account in Table 7.8 that we can use on a about-face port:
Table 7.9 lists the options:
Here’s an archetype of this command:
S1#config t
S1(config)#mac access-list ?
extended Continued Admission List
S1(config)#mac access-list continued ?
WORD access-list name
S1(config)#mac access-list continued Todd_MAC_List
S1(config-ext-macl)#deny ?
TABLE 7 . 8 About-face Admission Account Commands
Command Meaning
mac access-list Configures a MAC access-list statement
mac access-group Places a MAC admission account on a device’s concrete interface