Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 875
Brocade Mobility RFS Controller CLI Reference Guide
863
53-1003098-01
9
deny
[ap621|ap622|br650|br6511|ap6521|br1220|ap6532|ap6562|br71xx|br81xx|ap82xx|
rfs4000|rfs6000|rfs7000|nx45xx|nx65xx|nx9000] precedence <1-1000> [cdp-match
<LOCATION-SUBSTRING>|dhcp-option <DHCP-OPTION>|fqdn <FQDN>|ip [<START-IP>
<END-IP>|<IP/MASK>]|
lldp-match <LLDP-STRING>|mac <START-MAC> {<END-MAC>}|model-number
<MODEL-NUMBER>|serial-number <SERIAL-NUMBER>|vlan <VLAN-ID>]
deny
Adds a deny adoption rule. The rule applies to the selected device types. Specify the device type and
assign a precedence to the rule.
The different device types are:
•
Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point, Brocade
Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade Mobility 1240 Access Point
•
Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade Mobility
RFS7000
•
Service Platforms — Brocade Mobility RFS9510
precedence
<1-10000>
Sets the rule precedence. A rule with a lower value has a higher precedence.
After specifying the rule precedence, specify the match criteria. Devices matching the specified criteria are
denied adoption.
cdp-match
<LOCATION-SUBSTRING>
Matches a substring in a list of CDP snoop strings (case insensitive). For example, if an access point
snooped 3 devices: controller1.example.com, controller2.example.com and controller3.example.com,
'controller1', ‘example’, 'example.com', are examples of the substrings that will match.
•
<LOCATION-SUBSTRING> – Specify the value to match. Devices matching the specified value are
denied adoption.
dhcp-option
<DHCP-OPTION>
Matches the value found in DHCP vendor option 191 (case insensitive). DHCP vendor option 191 can be
setup to communicate various configuration parameters to an AP. The value of the option in a string in the
form of tag=value separated by a semicolon, for example 'tag1=value1;tag2=value2;tag3=value3'. The
access point includes the value of tag 'rf-domain', if present.
•
<DHCP-OPTION> – Specify the DHCP option value to match. Devices matching the specified value are
denied adoption.
fqdn <FQDN>
Matches a substring to the FQDN of a device (case insensitive)
FQDN is a domain name that specifies its exact location in the DNS hierarchy. It specifies all domain levels,
including its top-level domain and the root domain.
•
<FQDN> – Specify the FQDN. Devices matching the specified value are denied adoption.
ip
[<START-IP>
<END-IP>|<IP/MASK>]
Denies adoption if a device's IP address matches the specified IP address or is within the specified IP
address range
•
<START-IP> – Specify the first IP address in the range.
•
<END-IP> – Specify the last IP address in the range.
•
<IP/MASK> – Specify the IP subnet and mask to match against the device’s IP address.
lldp-match
<LLDP-STRING>
Matches a substring in a list of LLDP snoop strings (case insensitive). For example, if an access point
snooped 3 devices: controller1.example.com, controller2.example.com and
controller3.example.com,'controller1', 'example', 'example.com', are examples of the substrings that will
match.
LLDP is a vendor neutral link layer protocol used to advertise a network device’s identity, capabilities, and
neighbors on a local area network.
•
<LLDP-STRING> – Specify the LLDP string. Devices matching the specified values are denied
adoption.
mac
<START-MAC>
{<END-MAC>}
Denies adoption if a device's MAC address matches the specified MAC address or is within the specified
MAC address range
•
<START-MAC> – Specify the first MAC address in the range. Provide this MAC address if you want to
match for a single device.
•
<END-MAC> – Optional. Specify the last MAC address in the range.
model-number
<MODEL-NUMBER>
Denies adoption if a device’s model number matches <MODEL-NUMBER>
•
<MODEL-NUMBER> – Specify the model number.