use

interface-config-port-channel-instance

Configures access controls on this port-channel interface

Supported in the following platforms:

  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

use [ip-access-list|ipv6-access-list|mac-access-list] in <IP/IPv6/MAC-ACCESS-LIST-NAME>]]

Parameters

use [ip-access-list|ipv6-access-list|mac-access-list] in <IP/IPv6/MAC-ACCESS-LIST-NAME>]
use [ip-access-list| ipv6-access-list| mac-access-list] <IP/IPv6/MAC-ACCESS-LIST-NAME>] Associates an access list controlling the inbound traffic on this port channel.
  • ip-access-list – Specify the IPv4 specific firewall rules to apply to this profile‘s port channel configuration. IPv4 is a connectionless protocol for packet switched networking. IPv4 operates as a best effort delivery method, as it does not guarantee delivery, and does not ensure proper sequencing or duplicate delivery (unlike (TCP). IPv4 hosts can use link local addressing to provide local connectivity.
  • ipv6-access-list – Specify the IPv6 specific firewall rules to apply to this profile‘s port channel configuration. IPv6 is the latest revision of the Internet Protocol (IP) designed to replace IPv4. IPV6 provides enhanced identification and location information for computers on networks routing traffic across the Internet. IPv6 addresses are composed of eight groups of four hexadecimal digits separated by colons.
  • mac-access-list – Specify the MAC specific firewall rules to apply to this profile‘s port channel configuration.
    • <IP/IPv6/MAC-ACCESS-LIST-NAME> – Provide the IPv4, IPv6, or MAC access list name based on the option selected. The access list specified should be existing and configured.

Example

nx9500-6C8809(config-profile-testNX9000-if-port-channel1)#use ip-access-list in
BROADCAST-MULTICAST-CONTROL

nx9500-6C8809(config-profile-testNX9000-if-port-channel1)#show context
 interface port-channel1
  description "This port-channel is for enabling dynamic LACP."
  speed 100
  duplex full
  switchport mode trunk
  switchport trunk native vlan 1
  no switchport trunk native tagged
  switchport trunk allowed vlan 1
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
  ipv6 nd trust
  ipv6 nd header-mismatch-validation
  spanning-tree portfast
--More--
nx9500-6C8809(config-profile-testNX9000-if-port-channel1)#

Related Commands

no Removes the access controls configured on this port-channel interface