ACL application
ACLs can be applied as follows:
ACL type
Direction |
IPv4
In |
IPv4
Out |
IPv6
In |
IPv6
Out |
MAC
In |
MAC
Out |
---|---|---|---|---|---|---|
L2 interface (port) | Yes | Yes | Yes | Yes | Yes | Yes |
L2 LAG | Yes | Yes | Yes | Yes | Yes | Yes |
L3 interface (port) | Yes | Yes | Yes | Yes | Yes | Yes |
L3 LAG | Yes | Yes | Yes | Yes | Yes | Yes |
VLAN | Yes | Yes | Yes | Yes | Yes | Yes |
Management interface | Yes | Yes | ||||
Control plane (per VRF) | Yes | Yes |
NOTE:
The following match criteria is not supported. If this match criteria is attempted to be configured, an error message will be displayed and the action will not be completed.
TTL on IP ACLs
NOTE:
To apply IPv4 and/or IPv6 ACLs to the management interface, apply them to the control plane on the management VRF.