The command lists all the FCoE ACL (Access Control List)s meeting the criteria.
The list can be shortened by specifying the MAC of an FCF or the VN_Port MAC assigned to a virtual link in the VLAN (Virtual LAN). The ACL with higher priority appears first.
By default, the command lists all the ACLs installed by the VLAN. The example below shows the output of the command followed by the default ACLs installed when fip-snooping is enabled on the VLAN.
fip |
FCoE Initialization Protocol. |
snooping |
Snooping FIP frames. |
vlan_name |
Name of the VLAN for which the access-list is shown. |
fcf |
List FCoE access-lists matching the FCoE forwarder‘s MAC. |
mac_addr |
MAC address of the FCoE forwarder. |
virtual-link |
List FCoE access-lists matching FCoE virtual link‘s MAC. |
mac_addr |
MAC address assigned to a VN-Port in the form xx:xx:xx:xx:xx:xx where xx is a pair of hexadeximal digits. |
all |
All FCoE access-lists in the VLAN. |
N/A.
The command lists all the FCoE ACLs meeting the criteria.
# show fip snooping vlan v3 VLAN : v3 FIP Snooping : Enabled FCF Update : Auto FC-MAP : 0e:fc:00:00:00:00 Port Location ------ --------------- 1:1 Perimeter 1:2 FCF-to-Enode 1:3 Enode-to-FCF 1:4 All ---------------------- ? # show fip snooping vlan v3 access-list VLAN : v3 entry f424c0TffffS0efc00000000 { if match all { ethernet-type 0x0; ethernet-destination-address 0e:fc:00:00:00:00; } then { deny ; do-not-learn ; }} entry f424c1T8914D011018010002 { if match all { ethernet-type 0x8914; ethernet-destination-address 01:10:18:01:00:02; } then { permit ; mirror-cpu ; }} entry f424c2T8914D011018010001 { if match all { ethernet-type 0x8914; ethernet-destination-address 01:10:18:01:00:01; } then { permit ; mirror-cpu ; }} entry f424c3T8906 { if match all { ethernet-type 0x8906; } then { deny ; do-not-learn ; }} entry f424c3T8914 { if match all { ethernet-type 0x8914; } then { deny ; do-not-learn ; }} Total number of ACL : 5
This command was first available in ExtremeXOS 15.1.
This command is available on the Summit X770.