07-15-2010 01:31 AM
Hi guys,
I have a question about MAC ACLs. It says that "MAC ACLs—The device applies MAC ACLs only to non-IP traffic.". So, what does non-IP traffic mean? Can a MAC ACL deny TCP traffic? I started netperf first and then set the ACL (deny such TCP source MAC) on the interface for the VM which runs netserver. I found that netperf can't stop for the specified time interval. I saw from Wireshark in the VM that the TCP traffic doesn't disappear promptly, but after some time it disappeared and netperf didn't stop.
And I saw from the command guide that the protocol field for the MAC ACL can be ip—Internet Protocol v4 (0x0800) on page 299.
So, can someone explain what a MAC ACL is used for?
Thanks in advance!
Caixia
07-15-2010 09:29 PM
Any ideas? Has anyone used it?
Thanks,
Caixia
08-01-2010 01:56 PM
Yes. A MAC ACL can be used to filter only packets where the layer 3 protocol is not IP (for example ARP). Hence it can't be used to filter TCP traffic. Instead we can use an IP ACL for this purpose.
Thanks
Ashwin
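What "non-IP traffic" means at the frame level, as an added example that is not part of the original thread and is not Cisco's code: it models only the rule quoted in the question by reading each frame's EtherType. The frames, MAC addresses and function names are constructed, and counting IPv6 as IP is an assumption.

```python
import struct

IP_ETHERTYPES = {0x0800: "IPv4", 0x86DD: "IPv6"}  # assumption: IPv6 counts as IP
NON_IP_NAMES = {0x0806: "ARP"}
VLAN_TPIDS = {0x8100, 0x88A8}      # 802.1Q / 802.1ad tags sit before the real EtherType
L4_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

def classify(frame):
    """Return (protocol, ACL type that would evaluate the frame under the quoted rule)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    offset = 12                                   # skip destination + source MAC
    etype = struct.unpack_from("!H", frame, offset)[0]
    while etype in VLAN_TPIDS:                    # step over VLAN tag(s)
        offset += 4
        if len(frame) < offset + 2:
            raise ValueError("truncated VLAN tag")
        etype = struct.unpack_from("!H", frame, offset)[0]
    if etype < 0x0600:                            # 802.3 length field, not an EtherType
        return "802.3/LLC", "MAC ACL"
    if etype in IP_ETHERTYPES:
        name = IP_ETHERTYPES[etype]
        ip = frame[offset + 2:]
        if etype == 0x0800 and len(ip) >= 20:     # TCP only exists inside the IP header
            name += "/" + L4_NAMES.get(ip[9], "proto %d" % ip[9])
        return name, "IP ACL"
    return NON_IP_NAMES.get(etype, "0x%04x" % etype), "MAC ACL"

def build(etype, payload=b"", vlan=None):
    """Construct a sample frame (constructed MAC addresses, no FCS)."""
    hdr = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    if vlan is not None:
        hdr += struct.pack("!HH", 0x8100, vlan)
    return hdr + struct.pack("!H", etype) + payload

# Constructed minimal IPv4 header: version/IHL 0x45, protocol byte (offset 9) = 6 (TCP)
IPV4_TCP = bytes([0x45]) + bytes(8) + bytes([6]) + bytes(10)

if __name__ == "__main__":
    samples = {
        "netperf-style TCP": build(0x0800, IPV4_TCP),
        "same, VLAN 10": build(0x0800, IPV4_TCP, vlan=10),
        "ARP": build(0x0806),
        "802.3/LLC": build(0x0026),
    }
    for label, frame in samples.items():
        print("%-18s -> %s" % (label, classify(frame)))
```
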