disable access-list permit to-cpu
Description
Allows special packets to be blocked by low priority ACLs.
Syntax Description
This command has no arguments or variables.
Default
Enabled.
Usage Guidelines
This command allows ACLs to deny certain special packets from reaching the CPU, even if the packets match ACLs that would otherwise deny them. The special packets include STP and EAPS BPDUs, and ARP replies for the switch.
When this feature is disabled, these same packets will be denied if an ACL is applied that contains a matching entry that denies the packets. Contrary to expectations, the packets will still be denied if there is a higher precedence entry that permits the packets.
To enable this feature, use the following command:
enable access-list permit to-cpu
Example
The following example enables ACLs to deny STP BPDU packets from reaching the switch CPU:
disable access-list permit to-cpu
History
This command was first available in ExtremeXOS 11.3.2.
Platform Availability
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.