Posted on October 31, 2016 2:10 pm
 |  Asked by Rayne R
RESOLVED

Hi all,

I am writing a script to automatically modify my ACL using eAPI. The modification is done every 1 second. The commands I send to the switch are as follows.

  1. enable
  2. configure
  3. no ip access-list abc-acl
  4. ip access-list abc-acl
  5. <list of rules>
  6. exit

What I noticed is that in the instant where I remove the ACL (Step 3), traffic comes flooding through. Once the ACL is in place (Step 4), the traffic is filtered in the way I want it to.

My question is: is there a better way to clear the ACL (replace Step 3)? I don’t want to work with delta changes, as Step 5 is the full list of rules.

Thank you.

Posted by Stephen
Answered on October 31, 2016 4:08 pm

Rayne R,

I recommend trying config sessions, and “commit” all the changes at once.

  1. enable
  2. configure session
  3. no ip access-list abc-acl
  4. ip access-list abc-acl
  5. <list of rules>
  6. commit
  7. exit

Regards – Stephen
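
The sequence from the answer above, built as an eAPI `runCmds` JSON-RPC request, as an added example that is not part of the original posts. The function names, the optional session name, the guard on rule lines and the sample rules and replies are assumptions made for illustration.

```python
import json

# Lines that would end or leave the config session before the final commit.
SESSION_CONTROL = {"commit", "abort", "exit", "end"}

def build_acl_replace(acl_name, rules, session=None, request_id="acl-replace"):
    """Return the JSON-RPC body that replaces the ACL inside one config session."""
    if not rules:
        raise ValueError("refusing to commit an empty rule list")
    for rule in rules:
        if any(c in rule for c in "\r\n") or rule.strip().lower() in SESSION_CONTROL:
            raise ValueError(f"rule would leave the session early: {rule!r}")
    cmds = [
        "enable",
        f"configure session {session}" if session else "configure session",
        f"no ip access-list {acl_name}",   # staged in the session, not yet live
        f"ip access-list {acl_name}",
        *rules,
        "commit",                          # removal and new rules apply together
        "exit",
    ]
    return {"jsonrpc": "2.0", "method": "runCmds",
            "params": {"version": 1, "cmds": cmds, "format": "json"},
            "id": request_id}

def committed(response_text, n_cmds):
    """True only if the reply has no error and one result per command sent."""
    reply = json.loads(response_text)
    if "error" in reply:
        return False
    return len(reply.get("result", [])) == n_cmds

if __name__ == "__main__":
    # Constructed sample rules and replies, not captured from a switch.
    rules = ["10 permit ip 192.0.2.0/24 any", "20 deny ip any any"]
    body = build_acl_replace("abc-acl", rules)
    print(json.dumps(body, indent=2))      # POST this to the switch's /command-api
    ok = json.dumps({"jsonrpc": "2.0", "id": "acl-replace",
                     "result": [{}] * len(body["params"]["cmds"])})
    bad = json.dumps({"jsonrpc": "2.0", "id": "acl-replace",
                      "error": {"code": 1002, "message": "constructed failure"}})
    print(committed(ok, len(body["params"]["cmds"])), committed(bad, 8))
```

If `committed` returns false, the request stopped before `commit`, so the running ACL is unchanged and the script can retry on its next cycle.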
