1、交换机数据转发流程解析
2、实验拓扑
3、配置基于IP的VACL
3560配置
access-list 1 permit 192.168.120.210
vlan access-map VACL 10
action drop
match ip address 1
vlan filter VACL vlan-list 1
4、配置基于MAC的VACL
3560配置
mac access-list extended VACL_MAC
permit host 94de.801d.3277 any
vlan access-map VACL 10
action drop
match mac address VACL_MAC
vlan filter VACL vlan-list 1
测试之前用arp -d清楚之前的ARP缓冲,要不将会看到依旧ping得通。
原创文章,作者:306829225,如若转载,请注明出处:https://blog.ytso.com/207711.html