show access-list control-plane

Syntax

show access-list [ip|ipv6] [<ACL-NAME>] control-plane [vrf <VRF-NAME>]
                 [commands] [configuration] [vsx-peer]

Description

Shows information about your defined ACLs that have been applied to the Control Plane. When show access-list control-plane is entered without parameters, information for all ACLs applied to the Control Plane is shown. The parameters filter the list of ACLs for which information is shown.

Available filtering includes:
  • The content of a specific ACL that has been applied to the Control Plane.

  • All ACLs of a specific type that have been applied to the Control Plane.

  • All ACLs applied to the Control Plane for a specific VRF.

Command context

Operator (>) or Manager (#)

Parameters

ip|ipv6

Specifies the ACL type: ip for IPv4, oripv6 for IPv6.

<ACL-NAME>

Specifies the ACL name.

vrf <VRF-NAME>

Specifies the VRF name.

[commands]

Specifies that the ACL definition is to be shown as the commands and parameters used to create it rather than in tabular form.

[configuration]

Specifies that the user-configured ACLs be shown as entered, even if the ACLs are not active due to ACE-definition command issues or hardware issues. This parameter is useful if there is a mismatch between the entered configuration and the previous successfully programmed (active) ACLs configuration.

[vsx-peer]

Shows the output from the VSX peer switch. If the switches do not have the VSX configuration or the ISL is down, the output from the VSX peer switch is not displayed.

Authority

Operators or Administrators. Users without administrator authority can execute this command from the operator context (>) only.

Examples

Showing an IPv4 ACL applied to the Control Plane mgmt VRF:

switch# show access-list ip My_ipv4_ACL control-plane vrf MGMT
Type       Name
  Sequence Comment
           Action                          L3 Protocol
           Source IP Address               Source L4 Port(s)
           Destination IP Address          Destination L4 Port(s)
           Additional Parameters
------------------------------------------------------------------------------
IPv4       My_ipv4_ACL
        10 permit                          udp
           any
           172.16.1.0/24
        20 permit                          tcp
           172.16.2.0/16                    >  1023
           any
        30 permit                          tcp
           172.26.1.0/24
           any
           syn
           ack
           dscp 10
        40 deny                            any
           any
           any
           Hit-counts: enabled
------------------------------------------------------------------------------

Showing an IPv6 ACL applied to the Control Plane mgmt VRF:

switch# show access-list ipv6 My_ipv6_ACL control-plane vrf mgmt
Type       Name
  Sequence Comment
           Action                          L3 Protocol
           Source IP Address               Source L4 Port(s)
           Destination IP Address          Destination L4 Port(s)
           Additional Parameters
------------------------------------------------------------------------------
IPv6       My_ipv6_ACL
        10 permit                          udp
           any
           2001::1/64
        20 permit                          tcp
           2001:2001::2:1/128               >  1023
           any
        30 permit                          tcp
           2001:2011::1/64
        40 deny                            any
           any
           any
           Hit-counts: enabled
------------------------------------------------------------------------------