Creates a MAC access control list that contains rules that permit or deny traffic based on packet fields of the L2 OSI layer.
all or egress.Config mode
| Message | Reason |
|---|---|
| Error: l2-acl name identifier cannot exceed 64 characters. | Name is longer than 64 characters. |
| Error: l2-acl name identifier must start with an alphabetic character or an underscore. | Name begins with non-alphabetic character or does not begin with an underscore. |
| Error: l2-acl name identifier must be an arbitrary sequence of alphabets, numerals, underscores, hyphens, or dots. | Name contains invalid characters. |
| Error: l2-acl name identifier must not be reserved keyword | Name includes the reserved word identified. |
| Error: keypath contains key value with unsupported character (@, $, #, '[, ]'). | Name contains invalid characters. |
Command-line mode changes from config to config-mac-acl after new MAC ACL is created.
The [no] form of the command removes the specific or all configured MAC ACLs.
The following example creates a MAC ACL named L2 and on successful creation, the mode changes to config-mac acl.
device# configure terminal device(config)# mac access-list L2 device(config-mac-acl)# device# show running-config access-list mac access-list L2 device# show running-config mac access-list L2 mac access-list L2 device# show running-config mac access-list all mac access-list L2
The following example deletes the MAC ACL named L2.
device# configure terminal device(config)# no mac access-list L2