Viewing the IPv4 and IPv6 VACL assignments for a VLAN
This command lists the identifiers and types of RACLs and VACLs currently assigned to a particular VLAN in the running-config file. (The switch allows one inbound and one outbound RACL assignment per VLAN, plus one VACL assignment.)
Syntax:
show access-list vlan
<vid>
Lists the current IPv4 and IPv6 RACL and/or VACL assignments to a VLAN in the running config file.
This information also appears in the
show running
output. If you execute
write memory
after configuring an ACL, it also appears in the
show config
output.
Displaying the ACL assignments for a VLAN
The following output shows that inbound, routed IPv6 traffic and outbound, routed IPv4 traffic are both filtered on VLAN 20.
Switch(vlan-20)# show access-list vlan 20 Access Lists for VLAN 20 IPv4 Router Inbound : (None) 1 IPv4 Router Outbound : (None) IPv4 VLAN Inbound : (None) IPv4 VLAN Outbound : (None) IPv4 Connection Rate Filter : (None) IPv6 Router Inbound : (None) IPv6 Router Outbound : (None) 2 IPv6 VLAN Inbound : accounting 3 IPv6 VLAN Outbound : 101 4 MAC VLAN Inbound : (None) MAC VLAN Outbound : (None) Connection Rate Filter Access List: None 5 Switch(vlan-20)#
1 There is no filtering of routed IPv4 traffic entering the switch on VLAN 20
2 There is no filtering of routed IPv6 traffic leaving the switch on VLAN 20.
3 An IPv6 VLAN named "accounting" is assigned to filter routed IPv6 traffic entering the switch on VLAN 20
4 An extended VLAN named "101" is assigned to filter routed IPv6 traffic exiting from the switch on VLAN 20
5 Applies to IPv4 Connection Rate Filter ACLs. See “Virus Throttling (Connection-Rate Filtering)” in the Access Security Guide for your switch.