Configuration Example For Catena-Transparent Mode Vacl - Cisco Nexus 7000 Series Configuration Manual

The catena solution

Hide thumbs Also See for Nexus 7000 Series:

Command reference manual (1018 pages)

Reference manual (746 pages)

Configuration manual (536 pages)

Table Of Contents

Table of Contents

Configuration Example for Catena—Transparent Mode VACL

This example shows the full ACL support including source IP, destination IP, source L4 port number, and

destination L4 port number.

switch# show ip access-lists test1

IP access list test1

switch# show run catena

feature catena

catena port-group pg1

int eth1/4

catena device-group dg1

node ip 1.1.1.2

catena ins1

chain 10

10 access-list test1 ingress-port-group pg1 egress-device-group dg1 mode forward

no shutdown

Configuration Example for Catena—Transparent Mode VACL

This example shows how to configure Catena in transparent mode:

switch# configure terminal

switch(config)# feature catena

switch(config)# catena port-group pg1

switch(config-port-group)# interface Eth 1/2

switch(config-pg-node)# catena port-group pg2

switch(config-port-group)# interface Eth 1/4

switch(config-pg-node)# catena vlan-group vg1

switch(config-vlan-group)# vlan 10

switch(config-vlan-group)# catena vlan-group vg2

switch(config-vlan-group)# vlan 20

switch(config)# ip access-list acl1

switch(config-acl)# 10 permit ip 192.0.2.1/24 any

switch(config)# ip access-list acl2

switch(config-acl)# 10 permit ip 198.51.100.1/24 any

switch(config)# ip access-list acl3

switch(config-acl)# 10 permit ip 203.0.113.1/24 any

switch(config-acl)# exit

switch(config)# catena ins_redirect

switch(config-catena-instance)# chain 10

switch(config-catena)# 10 access-list acl1 vlan-group vg1 egress port-group pg1 mode forward

switch(config-catena)# 20 access-list acl1 vlan-group vg2 egress port-group pg2 mode forward

switch(config-catena)# no shutdown

switch(config-catena-)# catena ins_bypass

switch(config-catena-instance)# chain 10

switch(config-catena)#10 access-list acl2 vlan-group vg1 egress port-group pg1 mode bypass

switch(config-catena)# no shutdown

switch(config-catena-)# catena ins_drop

switch(config-catena-instance)# chain 10

switch(config-catena)#10 access-list acl3 vlan-group vg1 egress port-group pg1 mode forward

switch(config-catena)#20 access-list acl3 vlan-group vg1 egress port-group pg1 mode drop

switch(config-catena)# no shutdown

switch# show running-config catena

feature catena

catena vlan-group vg1

vlan 10

catena vlan-group vg2

vlan 20

catena port-group pg1

Cisco Nexus 7000 Series Switches Configuration Guide: The Catena Solution

10 permit ip 10.1.1.1/24 any

20 permit tcp 10.2.1.1/24 eq 1034 172.16.0.1/24 eq 3456

30 permit udp 10.3.1.1/24 eq 2345 192.168.0.1/24 eq 2134

Configuring the Catena Solution

Table of Contents

Show Quick Links

Quick Links:
Configuring a Port Acl

Hide quick links:

Table of Contents

Configuration Example For Catena-Transparent Mode Vacl - Cisco Nexus 7000 Series Configuration Manual

Hide quick links:

Related Manuals for Cisco Nexus 7000 Series

Related Content for Cisco Nexus 7000 Series

Table of Contents