Applying An Acl To All Traffic Within A Context - Cisco ASR 5000 Series Administration Manual
Staros release 21.4
Hide thumbs
Also See for ASR 5000 Series:
- Product overview (992 pages) ,
- Installation manual (317 pages) ,
- Administration manual (234 pages)
Table of Contents
Advertisement
Applying the ACL to a Context
• The ACL to be applied must be configured in the context specified by this command.
• Up to 16 ACLs can be applied to a group provided that the number of rules configured within the ACL(s)
Applying an ACL to All Traffic Within a Context
This section provides information and instructions for applying one or more ACLs to a context configured
within a specific context on the system. The applied ACLs, known as policy ACLs, contain rules that apply
to all traffic facilitated by the context.
Important
To configure the system to provide access control list facility to subscribers:
Step 1
Apply the configured ACL as described in
Step 2
Verify that ACL is applied properly on interface as described in
256
Step 3
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.
Verifying the ACL Configuration in a Context
To verify the ACL configuration:
Verify that your ACL lists were applied properly by entering the following command in Exec Mode:
host_name
[local]
context_name is the name of the context to which the ACL(s) was/were applied.
The output of this command displays the configuration of the entire context. Examine the output for the commands
pertaining to interface configuration. The commands display the ACL(s) applied using this procedure.
ASR 5500 System Administration Guide, StarOS Release 21.4
256
• Outgoing packets to an external source.
• Incoming packets that fail flow match and are forwarded again. In this case, the context ACL
applies first and only if it passes are packets forwarded.
During forwarding, if an ACL rule is added with a destination address as a loopback address, the
context ACL is also applied. This is because StarOS handles packets destined to the kernel by
going through a forwarding lookup for them. To apply ACL rules to incoming packets, the interface
ACL must be used instead of the context ACL.
does not exceed the 256-rule limit for the interface.
This section provides the minimum instruction set for applying the ACL list to all traffic within a context.
For more information on commands that configure additional parameters and options, refer to the Context
Configuration Mode Commands chapter in the Command Line Interface Reference.
Applying the ACL to a Context, on page 255
show configuration context context_name
#
Verifying the ACL Configuration in a Context, on page
Access Control Lists
Advertisement
Table of Contents
Troubleshooting
