Configuration manual

ManualsBrandsEnterasys ManualsSwitchEnterasys C5G124-24

271

272

273

274

275

276

277

278

279

280

Configuring Policy

16-10 Configuring Policy

Procedure 16-2 describes how to configure an admin rule. Refer to the CLI Reference for your

platform for command details.

• egress-vlans – (Optional) Specifies the port

to which this policy profile is applied should

be added to the egress list of the VLANs

defined with this parameter. Frames will

egress as tagged.

[egress-vlans egressvlans]

• forbidden-vlans – (Optional) Specifies the

port to which this policy profile is applied

should be added as forbidden to the egress

list of the VLANs defined with this parameter.

• untagged-vlans – (Optional) Specifies the

port to which this policy profile is applied

should be added to the egress list of the

VLANs defined with this parameter. Frames

will egress as untagged.

• append – (Optional) Appends any egress,

forbidden, or untagged specified VLANs to

the existing list. If append is not specified, all

previous VLAN-egress settings for the policy

profile will be replaced.

• clear – (Optional) Clears any egress,

forbidden, or untagged VLANs specified from

the existing list.

[forbidden-vlans forbidden-vlans ]

[untagged-vlans untagged-vlans ]

[append ] [clear]

2. Create traffic classification rules and associate

them with a policy profile.

• Specify the classification type, data, and

optionally, the mask for the data

Refer to Table 16-2 on page 16-6 for

descriptions of classification types and

Table 16-3 on page 16-6 for valid data and

mask values.

• Specify the action to take when the rule is hit.

set policy rule profile-index

{ether | ipproto | ipdestsocket |

ipsourcesocket | iptos | macdest |

macsource | tcpdestport |

tcpsourceport | udpdestport |

udpsourceport} data [mask mask]

{[vlan vlan] [cos cos] | [drop

forwar

d]}

3. If the policy is intended to be a default port

policy, apply the policy to the desired ports.

set policy port port-string profile-index

Procedure 16-2 Configuring an Admin Rule

Step Task Command(s)

1. Create an admin rule:

• vlantag -- Specifies the VLAN tag on which

this rule will classify traffic

• admin-pid – Specifies the policy profile that

will be applied to traffic classified by the

VLAN tag. Valid values are 1 - 1023.

• port-string – (Optional) Applies this admin

rule to one or more ingress ports.

The ports will also be set as tagged egress

ports for the VLAN.

set policy rule admin-profile

vlantag vlan-id

admin-pid admin-pid

[port-string port-string]

Procedure 16-1 Configuring Policy Roles (continued)

Step Task Command