Alias – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 178
162
Brocade Mobility RFS Controller CLI Reference Guide
53-1003098-01
4
NOTE
For more information on WIPS, see
Chapter 10, ADVANCED-WIPS-POLICY
alias
Configures network, VLAN, host, string, and network-service aliases
Aliases are objects having a unique name and content that is determined by the alias type
(network, VLAN, and network-service).
A typical large enterprize network, consists of multiple sites (RF Domains) having similar
configuration parameters with few elements that vary, such as networks or network ranges, hosts
having different IP addresses, and VLAN IDs or URLs. These elements can be defined as aliases
(object oriented wireless firewalls) and used across sites by applying overrides to the object
definition. Using aliases results in a configuration that is easier to understand and maintain.
Multiple instances of an alias (same type and same name) can be defined at any of the following
levels: global, RF Domain, profile, or device. An alias defined globally functions as a top-level-object
(TLO). Global aliases are not mandatory, and can be defined at the domain-level, or profile, or
device-level only. An alias defined on a device is applicable to that device only. An alias defined on
a profile applies to every device using the profile. Similarly, aliases defined at the RF Domain level
apply to all devices within that domain.
Aliases defined at any given level can be overridden at any of the next lower levels. For example, a
global alias can be redefined on a selected set of RF Domains, profiles, or devices. Overrides
applied at the device level take precedence.
Aliases can be classified as:
•
address-range alias – Maps a name to a range of IP addresses. An address-range alias can be
utilized at different deployments. For example, if an ACL defines a pool of network addresses
as 192.168.10.10 through 192.168.10.100 for an entire network, and a remote location’s
network range is 172.16.13.20 through 172.16.13.110, the remote location’s ACL can be
overridden using an alias. At the remote location, the ACL works with the 172.16.13.20-110
address range. A new ACL need not be created specifically for the remote deployment location.
•
host alias – Maps a name to a specific host (identified by its IP address. For example,
192.168.10.23). A host alias can be utilized at different deployments. For example, if a central
network DNS server is set a static IP address, and a remote location’s local DNS server is
defined, this host can be overridden at the remote location. At the remote location, the network
is functional with a local DNS server, but uses the name set at the central network. A new host
need not be created at the remote location. This simplifies creating and managing hosts and
allows an administrator to better manage specific local requirements.
•
network alias – Maps a name to a network. A network alias can be utilized at different
deployments. For example, if a central network ACL defines a network as 192.168.10.0/24,
and a remote location’s network range is 172.16.10.0/24, the ACL can be overridden at the
remote location to suit their local (but remote) requirement. At the remote location, the ACL
functions with the 172.16.10.0/24 network. A new ACL need not be created specifically for the
remote deployment. This simplifies ACL definition and allows an administrator to better
manage specific local requirements.