• Author : Syed Rahi

 
 

L2 Sub-interfaces

Description A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1q tag> tuple is treated as a first class bridging interface. Like other types of interfaces, a L2 sub-interface is a normal bridging endpoint in the bridging domain. Platform Compatibility DCS-7280R Series DCS-7280R2 Series DCS-7280R3 Series DCS-7500R Series DCS-7500R2 Series DCS-7500R3 Series DCS-7800R3 Series Configuration Creating a L2 Sub-interface The mandatory steps to configure a L2 sub-interface on an Arista switch are: Configure the parent interface to be a routed port Arista(config)#interface et1 Arista(config-if-Et1)#no switchport Create a sub-interface...
Continue reading →

Packet Length Match in Ingress Security Acls

Introduction This article describes the configuration to match on Ipv4 packets based on packet length in Access control lists( ACLs). The configuration is valid only for Ingress ACLs applied on Ports and SVI’s. ACL rules can be configured to filter ingress packets based on their IP length (present in the IPv4 header). The match criteria consist of lookups on the IP length field. The supported range operators are as follows: any – all lengths eq length1, length2 … lengthn – A list of lengths. Max list size of 10 numbers gt length – The set of lengths with numbers larger than the listed...
Continue reading →

Global config command to change implicit “v6 permit icmp all”

Introduction When a user configures IPv6 ACLs, by default, the system automatically  includes two additional rules :- a default drop rule and a permit all ICMP  types rule. This feature provides the user ability to override the default behavior from permitting ALL IPv6 ICMP types to ONLY permitting IPv6 ICMP neighbor discovery types. Caveats The configuration ONLY applies to IPv6 ACL rules configured  after applying the command “hardware access-list ipv6 implicit-permit icmpv6 neighbor-discovery”. All IPv6 ACLs configured and programmed prior  to applying the command will remain unaffected. Platform compatibility DSC-7050S DCS-7050T DCS-7050Q DCS-7010T DCS-7304 DCS-7316 DCS-7250 Configuration The following example...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: