Table of Contents
Advertisement
map is used in ROUTER RIP mode to apply a tag of 34 to all internal OSPF routes that are redistributed into
RIP.
Example of the redistribute Command Using a Route Tag
!
router rip
redistribute ospf 34 metric 1 route-map torip
!
route-map torip permit 10
match route-type internal
set tag 34
!
Continue Clause
Normally, when a match is found, set clauses are executed, and the packet is then forwarded; no more route-
map modules are processed.
If you configure the continue command at the end of a module, the next module (or a specified module) is
processed even after a match is found. The following example shows a continue clause at the end of a route-
map module. In this example, if a match is found in the route-map "test" module 10, module 30 is processed.
NOTE:
If you configure the continue clause without specifying a module, the next sequential module is
processed.
Example of Using the continue Clause in a Route Map
!
route-map test permit 10
match commu comm-list1
set community 1:1 1:2 1:3
set as-path prepend 1 2 3 4 5
continue 30!
IP Fragment Handling
Dell Networking OS supports a configurable option to explicitly deny IP fragmented packets, particularly
second and subsequent packets.
It extends the existing ACL command syntax with the fragments keyword for all Layer 3 rules applicable to
all Layer protocols (permit/deny ip/tcp/udp/icmp).
•
Both standard and extended ACLs support IP fragments.
•
Second and subsequent fragments are allowed because a Layer 4 rule cannot be applied to these
fragments. If the packet is to be denied eventually, the first fragment would be denied and hence the
packet as a whole cannot be reassembled.
•
Implementing the required rules uses a significant number of CAM entries per TCP/UDP entry.
•
For IP ACL, Dell Networking OS always applies implicit deny. You do not have to configure it.
•
For IP ACL, Dell Networking OS applies implicit permit for second and subsequent fragment just prior to
the implicit deny.
•
If you configure an explicit deny, the second and subsequent fragments do not hit the implicit permit
rule for fragments.
Access Control Lists (ACLs)
148
Advertisement
Table of Contents
Troubleshooting
