Restrictions On The Usage Of Loopback Interface Acl; Example Of Loopback Interface Configuration Sequence - Dell Force10 S2410-01-10GE-24P Configuration Manual

To apply an ACL (standard or extended) for loopback, use the following sequence:
Step Command Syntax
1 • For a Standard IP ACL:
access-list
[assign-queue
• For an Extended IP ACL:
access-list
|
tcp
{
portkey
[
precedence
[
assign-queue
interface loopback 0
2
ip access-group
3
show ip access-lists [
4
5 show interface loopback 0

Restrictions on the usage of loopback interface ACL

As noted above, applying an ACL to loopback interface 0 in turn applies the ACL to all physical
interfaces. To configure additional ACLs on a physical interface, be aware that the "loopback interface
ACL" might conflict with the desired physical interface ACL behavior.

Example of loopback interface configuration sequence

In the following example, two rules are added to ACL 2, and then ACL 2 is applied to the loopback
interface.
204 | Access Control
{deny | permit} {every |
1-99
] [{mirror
queue-id
{ |
deny permit
100-199
| } {
udp any
protocol_number
| }{ |
any
0-65535 dstip dstmask
|
tos
precedence tos tosmask
] [
redirect
queue-id
] in
[
ACLnumber seq
ACLnumber ]
} [log]
srcip srcmask
| redirect} ]
unit/slot/port
} { | | |
every icmp igmp
| } { |
any eq
srcip srcmask
} [ { |
eq
portkey 0-65535
| ] [
dscp log
dscp
]
unit/slot/port
Command
Mode Purpose
Global Create an IP ACL.
Note: The mirror
Config
option is only
available for the S50V
|
ip
and S25P.
}]
]
Global Create the loopback
Config interface and access
the Interface Config
mode.
Interface Attach the specified
Config ACL to the loopback
interface.
Privileged Display rules
Exec associated with the
specified ACL.
Privileged Display the loopback
Exec configuration.