Configuring numbered and named acls, Configuring standard numbered acls – Brocade BigIron RX Series Configuration Guide User Manual

BigIron RX Series Configuration Guide

53-1002484-04

BigIron RX(config)# vlan 10
BigIron RX(config-vlan-10)# tagged ethernet 4/1 to 4/3
BigIron RX(config-vlan-10)# router-interface ve 10
BigIron RX(config)# interface ethernet 4/1
BigIron RX(config-if-e10000-4/1)# acl-mirror-port ethernet 5/1
BigIron RX(config)# interface ve 10
BigIron RX(config-vif-10)# ip address 10.10.10.254/24
BigIron RX(config-vif-10)# ip access-group 102 in
BigIron RX(config)# access-list 101 permit ip any any mirror

In this configuration, the acl-mirror-port command is configured on port 4/1, which is a member of
ve 10. Because of this, ACL-based mirroring applies to VLAN 10 traffic that arrives on ports 4/1
and 4/2. It does not apply to VLAN 10 traffic that arrives on port 4/3, because that port uses a
different PPCR than ports 4/1 and 4/2. To apply ACL-based mirroring to VLAN 10 traffic arriving
on port 4/3 as well, you must add the following commands to the configuration.

BigIron RX(config)# interface ethernet 4/3
BigIron RX(config-if-e10000-4/3)# acl-mirror-port ethernet 5/1

Configuring numbered and named ACLs

When you configure ACLs, you can refer to the ACL by a numeric ID or by an alphanumeric name
(except for super ACLs, which must be assigned numeric IDs). The commands to configure
numbered ACLs are different from the commands to configure named ACLs.

To identify an ACL by a numeric ID, use 1 – 99 for a standard ACL, 100 – 199 for an extended
ACL, and 500 – 599 for a super ACL. This document refers to these ACLs as numbered ACLs.

To identify an ACL by a name, first specify whether the ACL is standard or extended, then
specify the name. This document refers to these ACLs as named ACLs. Super ACLs must be
configured with numeric IDs only.

You can configure up to 100 standard named or numbered IP ACLs, 100 extended named or
numbered IP ACLs, and 100 numbered super ACLs. Regardless of how many ACLs you configure,
the BigIron RX can support a maximum of 1024 ACL entries, associated with the ACLs in any
combination.
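
The following audit script is an added example, not part of the Brocade guide. It applies the ID ranges and the 1024-entry limit stated above to pasted CLI lines and cross-checks which numbered ACLs are applied with ip access-group against which are defined. The names classify and audit are hypothetical, and the sample input is taken from the mirroring configuration shown earlier on this page.

```python
import re

# ID ranges and system-wide entry cap as stated in this section.
RANGES = {"standard": range(1, 100), "extended": range(100, 200),
          "super": range(500, 600)}
MAX_ENTRIES = 1024

PROMPT = re.compile(r"^\S.*?\)#\s*")   # strips a leading "BigIron RX(config...)# "
ENTRY = re.compile(r"^access-list (\d+) (permit|deny)\b")
BIND = re.compile(r"^ip access-group (\d+) (in|out)\b")

def classify(acl_id):
    """Return the ACL type implied by a numeric ID, or None if out of range."""
    for kind, ids in RANGES.items():
        if acl_id in ids:
            return kind
    return None

def audit(config_text):
    """Hypothetical helper: cross-check numbered ACLs in pasted CLI lines."""
    entries, bound = {}, set()
    for raw in config_text.splitlines():
        line = PROMPT.sub("", raw.strip())
        if m := ENTRY.match(line):
            entries[int(m[1])] = entries.get(int(m[1]), 0) + 1
        elif m := BIND.match(line):
            bound.add(int(m[1]))
    defined, total = set(entries), sum(entries.values())
    return {
        "types": {i: classify(i) for i in sorted(defined | bound)},
        "invalid_ids": sorted(i for i in defined | bound if classify(i) is None),
        "bound_but_undefined": sorted(bound - defined),
        "defined_but_unbound": sorted(defined - bound),
        "total_entries": total,
        "over_limit": total > MAX_ENTRIES,
    }

# Sample input: lines from the mirroring configuration shown earlier on this page.
SAMPLE = """\
BigIron RX(config)# interface ve 10
BigIron RX(config-vif-10)# ip address 10.10.10.254/24
BigIron RX(config-vif-10)# ip access-group 102 in
BigIron RX(config)# access-list 101 permit ip any any mirror
"""

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

Run against those lines, the script reports ACL 102 as applied but not defined in them, and ACL 101 as defined but not applied to any interface.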

Configuring standard numbered ACLs

This section describes how to configure standard numbered ACLs with numeric IDs.

For configuration information on named ACLs, refer to “Configuring standard or extended named ACLs” on page 611.

For configuration information on extended ACLs, refer to “Configuring extended numbered ACLs” on page 602.

Standard ACLs permit or deny packets based on source IP addresses. You can configure up to 99
standard ACLs. There is no limit to the number of ACL entries an ACL can contain, except for the
system-wide limitation. For the number of ACL entries supported on a BigIron RX, refer to “ACL IDs and entries” on page 595.

To configure a standard ACL and apply it to outgoing traffic on port 1/1, enter the following
commands.
