Just reading up on stuff and came across the I/G and U/L bits in the MAC address. The I/G bit is the first bit of the MAC address, reading MSB to LSB, the U/L bit the second.
I/G: Binary 0 means the address is a unicast; Binary 1 means the address is a multicast or broadcast.
U/L: Binary 0 means the address is vendor assigned; Binary 1 means the address has been administratively assigned, overriding the vendor-assigned address.
Say I’d want to Deny Multicast & Broadcast and also Administratively assigned addresses, then the following ACL would be best (out of the three options, due to ACL length).
mac access-list extended MACL-official-Ucast-only
permit any 0000.0000.0000 00ff.ffff.ffff
!
interface FastEthernet1/0/10
mac access-group MACL-official-Ucast-only in
Like this:
Like Loading...
Categories: CCIE R&S, Main blog
Comments Off on MAC filtering
No Responses to “MAC filtering”