Applying acls to interfaces, Reapplying modified acls, Acl automatic rebind – Brocade BigIron RX Series Configuration Guide User Manual

Page 711: Manually setting the acl rebind, Applying acls to a virtual routing interface, Acl automatic, Rebind

Advertising
background image

BigIron RX Series Configuration Guide

633

53-1002484-04

Applying ACLs to interfaces

22

Applying ACLs to interfaces

Configuration examples in the section

“Configuring numbered and named ACLs”

on page 600

show that you apply ACLs to interfaces using the ip access-group command. This section present
additional information about applying ACLs to interfaces. Configuration examples for super ACLs
appear in the section

“Configuring super ACLs”

on page 613.

Reapplying modified ACLs

If you make an ACL configuration change, you must reapply the ACLs to their interfaces for the
change to take effect.

An ACL configuration change includes any of the following:

Adding, changing, or removing an ACL or an entry in an ACL

Changing a PBR policy

Changing ToS-based QoS mappings

ACL automatic rebind

ACL automatic rebind feature allows the newly changed ACL filter definitions to be automatically
applied to the ports where the ACL was bound without using the “ip rebind-acl” command.

NOTE

Brocade recommends that this feature only be used when a small number of ACL filters are
configured, otherwise a delay may be observed.

Enter commands such as the following to enable ACL automatic rebind.

BigIron RX(config)# auto-acl-rebind

Syntax: [no] auto-acl-rebind

Manually setting the ACL rebind

To reapply ACLs following an ACL configuration change, enter the following command at the global
CONFIG level of the CLI.

BigIron RX(config)# ip rebind-acl all

Syntax: [no] ip rebind-acl <num> | <name> | all

Applying ACLs to a virtual routing interface

You can apply an ACL to a virtual routing interface for the inbound traffic direction only. The virtual
interface is used for routing between VLANs, and contains all the ports within the VLAN. You also
can specify a subset of ports within the VLAN containing a specified virtual interface when
assigning an ACL to that virtual interface.

Use this feature when you do not want the ACLs to apply to all the ports in the virtual interface’s
VLAN or when you want to streamline ACL performance for the VLAN.

Advertising
Popular Brands
Popular manuals