Service Manual
Defaults none
Command Modes CONFIGURATION
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
9.4(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
8.4.2.1 Introduced on the C-Series and S-Series.
8.4.2.0 Introduced on the E-Series TeraScale.
6.5.3.0 Introduced on the E-Series ExaScale.
permit
Configure a permit rule. A permit rule excludes the matching packets from PBR classification and routes them using conventional routing.
Syntax
permit {ip-protocol-number | protocol-type} {source mask | any | host ip-
address} {destination mask | any | host ip-address} [bit] [operators]
To remove the rule, use one of the following:
• If you know the filter sequence number, use the no seq sequence-number syntax command.
•
You can also use the no permit {ip-protocol-number | protocol-type} {source mask |
any | host ip-address} {destination mask | any | host ip-address} [bit]
[operators] command.
Parameters
ip-protocol-number Enter a number from 0 to 255 for the protocol identified in the IP protocol header.
protocol-type Enter one of the following keywords as the protocol type:
• icmp for internet control message protocol
• ip for any internet protocol
• tcp for transmission control protocol
• udp for user datagram protocol
source Enter the IP address of the network or host from which the packets were sent.
mask Enter a network mask in /prefix format (/x).
any Enter the keyword any to specify that all traffic is subject to the filter.
host ip-address Enter the keyword host then the IP address to specify a host IP address.
destination Enter the IP address of the network or host to which the packets are sent.
bit (OPTIONAL) For the TCP protocol type only, enter one or a combination of the following
TCP flags:
• ack = acknowledgement
• fin = finish (no more data from the user)
•
psh = push function
• rst = reset the connection
• syn = synchronize sequence number
934 Policy-based Routing (PBR)