[f-nsp] Extended ACLs and Route Only on FastIron
Scott T. Cameron
routehero at gmail.com
Thu Mar 3 06:10:53 EST 2011
A config example will help paint a clearer picture.
If you want an interface to be "route only", then put it in the default VLAN
and add an IP to it:
SSH at core01#show run int e 6/2
interface ethernet 6/2
port-name ussvl
load-interval 30
ip address 172.30.253.249 255.255.255.252
ip ospf area 0.0.0.0
ip ospf priority 250
ipv6 address 2620:a4:1:fff0::1/64
ipv6 ospf area 0.0.0.5
!
On Thu, Mar 3, 2011 at 5:55 AM, <lausgans at gmail.com> wrote:
> Hello.
> Every time i'm trying to disable "L2 Switching" or enable "Route Only"
> or global or per port basis, i'm getting these options disabled again
> after saving to flash and reloading of device (i'm running Base L3 layer
> firmware on FES2404).
>
> I'm interesting in these options because i want to apply extended ACL
> to one of ports on my device.
>
> I've also found that "ACL filtering based on VLAN membership or VE port
> membership (acl-per-port-per-VLAN)" feature is not supported. Does this
> mean that it's impossible to apply any ACL rule to the port that
> actually is a member of non-default VLAN group?
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20110303/0f9b320a/attachment.html>
More information about the foundry-nsp
mailing list