Device-Wide Policy Lists; Defining Global Rules - Avaya G430 Manual

Device-wide policy lists

You can attach a policy list (other than a policy-based routing list) to every interface on the
Branch Gateway using one command. To do this, attach a list to the Loopback 1 interface. For
more information, see
Note:
If you attach a policy list to a Loopback interface other than Loopback 1, the policy list has
no effect.
When you attach a policy list to the Loopback 1 interface, thereby creating a device-wide policy
list, and you also attach policy lists to specific interfaces, the Branch Gateway applies the lists
in the following order:
• Incoming packets:
• Outgoing packets:

Defining global rules

About this task
In an access control list, you can define global rules for packets that contain IP fragments and
IP options. These rules apply to all packets. This is in contrast to individual rules, which apply
to packets that match certain defined criteria. See
The Branch Gateway applies global rules before applying individual rules.
Procedure
1. Enter the context of the access control list in which you want to define the rule.
2. Enter one of the following commands, followed by the name of a composite
Administering Avaya G430 Branch Gateway
Policy list attachments
a. Apply the ingress policy lists that are attached to the interface
b. Apply the device-wide ingress policy lists
a. Apply the device-wide egress policy lists
b. Apply the egress policy lists that are attached to the interface
command:
• ip-fragments-in. Applies to incoming packets that contain IP fragments
• ip-option-in. Applies to incoming packets that contain IP options
on page 564.
Policy rule configuration
Policy lists
on page 568.
October 2013 567