Mohsin, Not really, macip acl only nails down the predefined known addresses.
Mostafa, To implement the functionality you are looking for, you would need to write new code. --a > On 12 Feb 2018, at 23:20, Mohsin Kazmi <[email protected]> wrote: > > Hi Mostafa, > > Port Security functional can be implemented using ACL plugin MACIP feature. > On a given interface, ACLs are applied on input traffic to permit using a mix > of MAC and IP. > > > Here you will find more detail about it: > > https://wiki.fd.io/view/VPP/SecurityGroups#MACIP_.28formerly_.22L2.22.29_API > > Cheers, > Mohsin​ > From: [email protected] <[email protected]> on behalf of Mostafa Salari > <[email protected]> > Sent: Saturday, February 10, 2018 10:55 AM > To: [email protected] > Subject: [vpp-dev] Port security > > Hi > > How can i apply port-security functionality with vpp? In summary, before a > new MAC come into mac-table, some special functions must be triggered. Those > functions, determine whether the new mac is allowed to connect or not, and if > not, what action should be performed? Actions are: increasing a violation > counter, dropping the packet and (sometimes) turning the incomming interface > down! > > Any help is appreciated. > Regards >
