• Author : Anurag Mishra

 
 

Security ACLs on L3 subinterfaces

Description This feature allows the user to configure ACLs on L3 subinterfaces. These ACLs are implemented as router ACLs (with internal or dot1q VLAN based on platform and ACL direction). Platform compatibility This feature is supported on DCS-7010T,  DCS-7300, DCS-7250X, DCS-7050X/X2/X3/SX3/CX3, DCS-7060X/X2/X3 ( platforms that support ACLs ). The table below summarizes which VLAN is used for the router ACL applied on subinterface. Chip uses vfiForwarding Ingress ACLs Egress ACLs No Internal VLAN Dot1q VLAN Yes Internal VLAN Internal VLAN Configuration Step 1: Create an ACL ld207(config)#ip access-list acl1 ld207(config-acl-acl1)#permit ip any any ld207(config-acl-acl1)#exit Step 2: Apply it on a...
Continue reading →

Mirroring ACLs with subinterface as source

Description This feature allows a user to configure a mirror session with subinterface sources from the CLI. An explicit ACL may be optionally applied to each source in the session. This feature is only available with ingress mirroring ( Rx direction ). Platform compatibility All 7050X, 7050X2, 7050X3, 7060X, 7260X, 7060X2, 7260X3 series platforms Configuration Sample mirror session configuration: gd387(config)#monitor session session1 source Ethernet 5/1.1 rxgd387(config)#monitor session session1 source Ethernet 5/1.2 rx ip access-group acl1gd387(config)#monitor session session1 source Ethernet 6/1 rxgd387(config)#monitor session session1 destination ethernet 14/1gd387(config)#show monitor sessionSession session1------------------------Programmed in HW: YesSource Ports:  Rx Only:     Et5/1.2(IP ACL: acl1),...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: