Administrator Guide

Layer 3 Routing Commands
Actions in the IP ACL configuration are applied with other actions present in
the route-map. If an IP ACL referenced by a route-map is removed or rules
are added or deleted from the ACL, the configuration is rejected.
If a list of IP access lists is specified in this command and a packet matches at
least one of these access list match criteria, the corresponding set of actions in
the route map is applied to the packet. Duplicate IP access list names are
ignored.
It is strongly recommended that access lists used in a route map not be
reused for normal access list processing. This is because:
• ACLs inherit the priority of the route map. This overrides the priority of
  the including access group.
• Route maps do not have an implicit deny all at the end of the list. Instead,
  non-matching packets for a permit route map use the routing table.
Example
The example below creates two access lists (R1 and R2) and two route-maps
with IP address match clauses, and associates the route-map with an
interface.
In the example, the ip policy route-map equal-access command is applied to
interface VLAN 11. All packets ingressing VLAN 11 are policy-routed.
Route map sequence 10 in route map equal-access is used to match all
packets sourced from any host in subnet 10.1.0.0. If there is a match, and if
the router has no explicit route for the packet’s destination, it is sent to
next-hop address 192.168.6.6.
Route map sequence 20 in route map equal-access is used to match all
packets sourced from any host in subnet 10.2.0.0. If there is a match, and if
the router has no explicit route for the packet’s destination, it is sent to
next-hop address 172.16.7.7.
All other packets are forwarded as per normal L3 destination-based routing.
console(config-if-vlan3)#ip policy route-map equal-access
console(config)#ip access-list R1
console(config-ip-acl)#permit ip 10.1.0.0 0.0.255.255 any
console(config-ip-acl)#exit
console(config)#ip access-list R2
console(config-ip-acl)#permit ip 10.2.0.0 0.0.255.255 any
console(config-ip-acl)#exit
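The forwarding decision described above, as a simplified Python model. This is an added example, not code from the guide or the switch firmware. The ROUTES table and the function names are assumptions made for illustration, and the model assumes no default route is configured.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """ACL wildcard match: bits set in the wildcard mask are 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a & ~w & 0xFFFFFFFF) == (b & ~w & 0xFFFFFFFF)

# ACLs from the example above: permit ip <source> <wildcard> any
ACLS = {
    "R1": [("10.1.0.0", "0.0.255.255")],
    "R2": [("10.2.0.0", "0.0.255.255")],
}

# Route map equal-access as the text describes it: sequence -> (ACLs, next hop)
ROUTE_MAP = {
    10: (["R1"], "192.168.6.6"),
    20: (["R2"], "172.16.7.7"),
}

# Constructed routing table (assumption, not from the guide): explicit routes only.
ROUTES = {"10.9.0.0/16": "10.9.0.1"}

def explicit_route(dst):
    """Longest-prefix match over ROUTES; None if there is no explicit route."""
    d = ipaddress.IPv4Address(dst)
    hits = [ipaddress.ip_network(p) for p in ROUTES if d in ipaddress.ip_network(p)]
    if not hits:
        return None
    return ROUTES[str(max(hits, key=lambda n: n.prefixlen))]

def forward(src, dst):
    """Return (decision, next_hop) for a packet ingressing the policy-routed VLAN."""
    route = explicit_route(dst)
    for seq in sorted(ROUTE_MAP):
        acl_names, next_hop = ROUTE_MAP[seq]
        # A packet matching at least one listed ACL matches the sequence.
        if any(wildcard_match(src, base, wc)
               for name in acl_names for base, wc in ACLS[name]):
            # The policy next hop is used only when no explicit route exists.
            if route is None:
                return ("policy", next_hop)
            return ("routing-table", route)
    # No implicit deny: non-matching packets use the routing table
    # (next_hop is None when the table has no route either).
    return ("routing-table", route)
```

The last return is the behavior that differs from normal ACL processing: a source outside R1 and R2 is not dropped by the route map, it is handed to destination-based routing.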
2CSNXXX_SWUM204.book Page 1568 Monday, January 25, 2016 1:25 PM