Applying a mac acl to a vlan interface – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual


Network OS NETCONF Operations Guide

53-1003231-02

ACL configuration and management

28

          <switchport>
            <basic/>
          </switchport>
          <mac xmlns="urn:brocade.com:mgmt:brocade-mac-access-list">
            <access-group>
              <mac-access-list>test_02</mac-access-list>
              <mac-direction>in</mac-direction>
            </access-group>
          </mac>
        </tengigabitethernet>
      </interface>
    </config>
  </edit-config>
</rpc>

<rpc-reply message-id="2402" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <ok/>
</rpc-reply>

Applying a MAC ACL to a VLAN interface

Ensure that the ACL that you want to apply exists and is configured to filter traffic in the manner
that you need for a specific VLAN interface. An ACL does not take effect until it is expressly applied
to an interface. Frames can be filtered as they enter an interface (ingress direction).

To apply a MAC ACL to a VLAN interface, perform the following steps.

1. Issue an <edit-config> RPC to configure the <interface-vlan> node in the urn:brocade.com:mgmt:brocade-interface namespace.

2. Under the <interface-vlan> node, specify the <interface>/<vlan> hierarchy of node elements.

3. Under the <vlan> node, include the <name> element and specify the VLAN-ID of the VLAN to which you want to assign an access list.

4. Under the <vlan> node, specify the <mac> node that resides in the urn:brocade.com:mgmt:brocade-mac-access-list namespace.

5. Under the <mac> node, include the <access-group> node element.

6. Under the <access-group> node, include the <mac-access-list> leaf element, and set its value to the name of the MAC access list you want to apply to the VLAN.

7. Optional: Under the <access-group> node, include the <mac-direction> leaf element, and set its value to “in” or “out” to associate the ACL with ingress traffic or egress traffic, respectively.

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="2403" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <edit-config>
    <target>
      <running/>
    </target>
    <config>
      <interface-vlan xmlns="urn:brocade.com:mgmt:brocade-interface">
        <interface>
          <vlan>
            <name>50</name>
            <mac xmlns="urn:brocade.com:mgmt:brocade-mac-access-list">
              <access-group>
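The following Python sketch is an added example, not part of the Brocade guide: it builds the RPC described in steps 1 through 7 from validated inputs and checks the reply for <ok/>. The function names, the VLAN range check, and the ACL-name allow-list are assumptions made for this example; the ACL name test_02 is borrowed from the preceding interface example, and the sample reply is constructed.

```python
import re
import xml.etree.ElementTree as ET

NC = "urn:ietf:params:xml:ns:netconf:base:1.0"
IF_NS = "urn:brocade.com:mgmt:brocade-interface"
ACL_NS = "urn:brocade.com:mgmt:brocade-mac-access-list"

# Constructed sample reply, modelled on the <ok/> reply format shown on this page.
SAMPLE_REPLY = ('<rpc-reply message-id="2403" '
                'xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')

def _q(ns, tag):
    return "{%s}%s" % (ns, tag)

def build_vlan_mac_acl_rpc(message_id, vlan_id, acl_name, direction=None):
    """Return the <edit-config> RPC of steps 1-7 as an XML string."""
    # Assumption: 802.1Q range; the switch may accept a different range.
    if not 1 <= int(vlan_id) <= 4094:
        raise ValueError("VLAN ID out of range")
    # Assumption: conservative allow-list for this example, not the device's rule.
    if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9_-]{0,62}", acl_name):
        raise ValueError("unexpected characters in ACL name")
    if direction not in (None, "in", "out"):  # step 7 allows only these values
        raise ValueError("direction must be 'in' or 'out'")
    rpc = ET.Element(_q(NC, "rpc"), {"message-id": str(message_id)})
    edit = ET.SubElement(rpc, _q(NC, "edit-config"))
    ET.SubElement(ET.SubElement(edit, _q(NC, "target")), _q(NC, "running"))
    config = ET.SubElement(edit, _q(NC, "config"))
    node = ET.SubElement(config, _q(IF_NS, "interface-vlan"))        # step 1
    node = ET.SubElement(node, _q(IF_NS, "interface"))               # step 2
    vlan = ET.SubElement(node, _q(IF_NS, "vlan"))
    ET.SubElement(vlan, _q(IF_NS, "name")).text = str(int(vlan_id))  # step 3
    mac = ET.SubElement(vlan, _q(ACL_NS, "mac"))                     # step 4
    group = ET.SubElement(mac, _q(ACL_NS, "access-group"))           # step 5
    ET.SubElement(group, _q(ACL_NS, "mac-access-list")).text = acl_name  # step 6
    if direction is not None:                                        # step 7
        ET.SubElement(group, _q(ACL_NS, "mac-direction")).text = direction
    # ElementTree emits generated prefixes (ns0, ns1, ...); the namespaces are unchanged.
    return ET.tostring(rpc, encoding="unicode")

def reply_is_ok(reply_xml, message_id):
    """True only for an <rpc-reply> with matching message-id, <ok/>, and no <rpc-error>."""
    root = ET.fromstring(reply_xml)
    return (root.tag == _q(NC, "rpc-reply")
            and root.get("message-id") == str(message_id)
            and root.find(_q(NC, "ok")) is not None
            and root.find(_q(NC, "rpc-error")) is None)

if __name__ == "__main__":
    print(build_vlan_mac_acl_rpc(2403, 50, "test_02", "in"))
    print(reply_is_ok(SAMPLE_REPLY, 2403))
```

Rejecting unexpected values before the RPC is built keeps a mistyped ACL name or direction from reaching the running configuration, and matching the reply's message-id ensures the <ok/> belongs to this request.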
