Configuring MAC Lists
MAC-list could be used in a route-map to match mac-address or portion of MAC address when used with mac-mask. If no mac-mask is configured, we will use ffff.ffff.ffff.
MAC-list helps to filter MAC address in EVPN Type-2 routes.
Diagram
Classes
route_control (vxlan.overlay_extensions)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| mac_list | List | [mac_list] | No |
mac_list (vxlan.overlay_extensions.route_control)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[A-Za-z0-9-_]{1,63}$ | Yes | |
| entries | List | [entries] | Yes |
entries (vxlan.overlay_extensions.route_control.mac_list)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| seq_number | Integer | min: 1, max: 4294967294 | Yes | |
| operation | Choice | permit, deny | Yes | |
| mac | Any | String[Regex: ^[a-f0-9]{1}.[a-f0-9]{1}.[a-f0-9]{1}$] or String[Regex: ^[a-f0-9]{4}.[a-f0-9]{4}.[a-f0-9]{4}$] or String[Regex: ^[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}$] or String[Regex: ^[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}$] | Yes | |
| mac_mask | Any | String[Regex: ^[a-f0-9]{1}.[a-f0-9]{1}.[a-f0-9]{1}$] or String[Regex: ^[a-f0-9]{4}.[a-f0-9]{4}.[a-f0-9]{4}$] or String[Regex: ^[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}$] or String[Regex: ^[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}-[a-f0-9]{2}$] | No |
Examples
In this example, we create a mac-list named FILTER_MAC_AAA with the sequence number seq 5 which will permit MAC address for host with MAC aaaa.aaaa.aaaa.
The second entry in the sequence 10 will match other host with MAC bbbb.bbbb.bbbb.
This MAC-list is used in the group name: maclist_RCtrlGrp, which is consumed by the switch: netascode-leaf1.
You can also create a range with the mac-mask. Ex: mac-list FILTER_MAC_AAA seq 5 permit 0022.5579.a4c1 ffff.ffff.0000. Any MAC address that starts with 0022.5579 will be allowed by this rule. The last segment (a4c1 in this case) can be any value, so the rule permits any MAC address ranging from 0022.5579.0000 to 0022.5579.ffff.
mac-list FILTER_MAC_AAA seq 5 permit aaaa.aaaa.aaaa ffff.ffff.ffff
mac-list FILTER_MAC_AAA seq 10 permit bbbb.bbbb.bbbb ffff.ffff.ffff
---
vxlan:
overlay_extensions:
route_control:
mac_list:
- name: mac-list
entries:
- seq_number: 5
operation: permit
mac: aaaa.aaaa.aaaa
mac_mask: ffff.ffff.ffff
- seq_number: 10
operation: permit
mac: bbbb.bbbb.bbbb
groups:
- name: maclist_RCtrlGrp
mac_list:
- name: mac-list
switches:
- name: netascode-leaf1
groups:
- maclist_RCtrlGrp