KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5412R zl2 Switch

361

362

363

364

365

366

367

368

369

370

Zone class configuration examples

The following example shows several class configurations:

• Ports A10-A24 belong to the internal zone class.

• Port A1 belongs to the external zone class.

Example 227 A zone class configuration

HP Switch(config)#: class zone internal

HP Switch(config-class)#: port-list a10-a24

HP Switch(config-class)#: exit

HP Switch(config)#: class zone external

HP Switch(config-class)#: port-list a1

HP Switch(config-class)#: exit

Creating a zone policy

1. To create a zone policy that performs zone-specific actions on selected packets, enter the

policy zone policy-name command from the global configuration context.

Context: Global configuration

Syntax:

[no] policy zone policy-name

Defines the name of a service policy and enters the policy configuration context,

where policy-name is a text string (64 characters maximum). This name should

not be the same as a zone name.

A zone policy consists of one or more actions that are configured for specific zones.

No action is performed on packets sent to or from ports in the BYPASS zone. By default, ports

are assigned to the BYPASS zone unless you explicitly assign them to a different zone.

2. To configure the actions that you want to execute on ports associated with a zone, enter one

or more class commands from the policy configuration context.

Context: Policy configuration

Syntax:

[no] [seq-number] class zonesource zone name destination zone name

action intercept unidirectional

Defines the source and destination zones for packets that must be intercepted and

forwarded to the ONE application.

seq-number (Optional) Sequentially orders the

class-action statements in a policy

configuration. Actions are executed on

matching packets in numerical order.

source zone name Defines the source zone for packets that must

be intercepted and forwarded to the ONE

application.

destination zone name Defines the destination zone for packets that

must be intercepted and forwarded to the

ONE application.

action intercept

unidirectional

Defines the action as intercept and the flow

of traffic as unidirectional (one-way).

Default: Class-action statements are numbered in increments of 10, starting at 10.

366 Classifier-based software configuration