Interface And Hardware Component Configuration Guide For Cisco Ncs 5500 Series Routers, Ios Xr Release - Cisco NCS 5500 Series Configuration Manual

Interface and hardware component configuration

Hide thumbs Also See for NCS 5500 Series:

Configuration manuals (268 pages)

Configuration manual (172 pages)

Hardware installation manual (146 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

Table of Contents

Configuring UDF-Based ACL for Traffic Mirroring

Command or Action

Step 2

udf udf-name header {inner | outer} {l2 | l3 | l4} offset

offset-in-bytes length length-in-bytes

Example:

RP/0/RP0/CPU0:router(config)# udf udf3 header outer

l4 0 length 1

(config-mon)#

Example:

RP/0/RP0/CPU0:router(config)# udf udf3 header inner

l4 10 length 2

(config-mon)#

Example:

RP/0/RP0/CPU0:router(config)# udf udf3 header outer

l4 50 length 1

(config-mon)#

Step 3

hw-module profile tcam format access-list {ipv4 | ipv6}

[acl-qualifiers] [ udf1 udf-name1 ... udf8 udf-name8]

enable-capture

Example:

RP/0/RP0/CPU0:router(config)# hw-module profile tcam

format access-list ipv4 src-addr dst-addr src-port

dst-port proto tcp-flags packet-length frag-bit

udf1 udf-test1 udf2 udf-test2 enable-capture

Step 4

ipv4 access-list acl-name

Example:

RP/0/RP0/CPU0:router(config))# ipv4 access-list acl1

Step 5

permit regular-ace-match-criteria udf udf-name1 value1 ...

udf-name8 value8

Example:

RP/0/RP0/CPU0:router(config-ipv4-acl)# 10 permit

ipv4 any any udf udf1 0x1234 0xffff udf3 0x56 0xff

RP/0/RP0/CPU0:router(config-ipv4-acl)# 30 permit

ipv4 any any dscp af11 udf udf5 0x22 0x22

Step 6

exit

Example:

RP/0/RP0/CPU0:router(config-ipv4-acl)# exit

Interface and Hardware Component Configuration Guide for Cisco NCS 5500 Series Routers, IOS XR Release

6.1.x

130

Purpose

Configures the individual UDF definitions. You can

specify the name of the UDF, the networking header to

offset from, and the length of data to be extracted.

The inner or outer keywords indicate the start of offset

from the unencapsulated Layer 3 or Layer 4 headers, or

if there is an encapsulated packet, they indicate the start

of offset from the inner L3/L4.

Note

The maximum offset allowed, from the start of

any header is, 63 bytes

The length keyword specifies the length from the offset,

in bytes. Range is from 1 to 4.

Adds the user-defined fields to the ACL key definition

that is sent to the hardware.

A reload of the line card is required for the new

Note

TCAM profile to take effect.

Creates the ACL and enters the IP ACL configuration

mode. The length of acl-name argument can be up to 64

characters.

Configures an ACL with UDF match.

Exits IP ACL configuration mode and returns to global

configuration mode.

Configuring Traffic Mirroring

Table of Contents

Interface And Hardware Component Configuration Guide For Cisco Ncs 5500 Series Routers, Ios Xr Release - Cisco NCS 5500 Series Configuration Manual

Interface and Hardware Component Configuration Guide for Cisco NCS 5500 Series Routers, IOS XR Release

Troubleshooting

Related Manuals for Cisco NCS 5500 Series

Related Content for Cisco NCS 5500 Series

Table of Contents