Brocade Network OS NETCONF Operations Guide v4.1.1 Uživatelský manuál Strana 451
- Strana / 622
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Network OS NETCONF Operations Guide 419
53-1003231-02
IP ACL
28
6. Under the <access-group> node, include the <ip-access-list> or <ipv6-access-list> leaf node,
and specify the name of the access list.
The following example applies stdV6ACL1 to the 101/0/1 interface.
<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="2410" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config>
<interface xmlns="urn:brocade.com:mgmt:brocade-interface">
<tengigabitethernet>
<name>101/0/1</name>
<ip-acl-interface>
<access-group
xmlns="urn:brocade.com:mgmt:brocade-ipv6-access-list">
<ipv6-access-list>stdV6ACL1</ipv6-access-list>
</access-group>
</ip-acl-interface>
</tengigabitethernet>
</interface>
</config>
</edit-config>
</rpc>
<rpc-reply message-id="2410" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
Binding an ACL in standalone mode or fabric cluster mode
In standalone or fabric cluster mode, an ACL can be applied to any node present in the cluster by
specifying its RBridge ID. One ACL per IPv4 and one ACL per IPv6 can be applied to the
management interface. Applying a new ACL replaces the ACL that was previously applied.
Removing the active ACL results in default behavior of “permit any.”
You can bind an IP ACL in the ingress direction for the management interface, and you are not
required to create an ACL before binding it to the management interface.
On a management interface, the default action of “permit any” is inserted at the end of an ACL that
has been bound.
NOTE
Before downgrading firmware, you must unbind any ACLs on the management interface, or the
downgrade will be blocked.
Obtaining the IP or IPv6 ACL configuration
To obtain the IP or IPv6 ACL configuration, issue the <get-config> RPC to retrieve the access list.
Set up the filter to restrict the output to the part of the configuration you want to retrieve.
The following example returns the entire IP ACL configuration.
?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="2411">
- Network OS 1
- Document History 2
- Contents (High Level) 3
- Contents (Detailed) 5
- Chapter 7 SNMP 8
- Chapter 8 Fabric 8
- Chapter 9 Metro VCS 8
- Chapter 13 VMware vCenter 10
- Chapter 19 Configuring AMPP 12
- Chapter 21 Configuring VLANs 13
- Chapter 22 Configuring VXLANs 14
- Chapter 25 Configuring UDLD 15
- Chapter 27 Configuring LLDP 16
- Chapter 28 Configuring ACLs 16
- Chapter 29 Configuring QoS 17
- Chapter 31 Configuring sFlow 18
- Chapter 32 IP Route Policy 18
- Chapter 34 Configuring OSPF 19
- Chapter 35 Configuring VRRP 19
- Section V Appendixes 20
- About This Document 27
- Document conventions 29
- Notes, cautions, and warnings 30
- Key terms 30
- Notice to the reader 31
- Additional information 31
- Getting technical help 32
- Document feedback 32
- Network OS Administration 33
- NETCONF Overview 35
- RPC request 37
- RPC reply 37
- RPC and error handling 38
- SSH subsystem 38
- RFC references 38
- NETCONF support in Network OS 39
- Basic NETCONF Operations 41
- Server capabilities 42
- Retrieving configuration data 43
- Subtree filtering 44
- Retrieving operational data 47
- Editing the configuration 50
- Managing the configuration 51
- Basic Switch Management 55
- Connecting to the switch 56
- Switch attributes 56
- Setting host attributes 57
- Rebooting a Brocade switch 59
- Replacing an interface module 61
- Configuring a switch banner 64
- </copy> 69
- </rpc-reply> 69
- Syslog server setup 70
- Adding syslog servers 71
- Removing a syslog server 74
- RASlog configuration 75
- Audit log configuration 77
- Network Time Protocol 79
- Time zone settings 80
- Evaluating a firmware upgrade 91
- ATTENTION 92
- Administering Licenses 97
- Obtaining a license key 98
- Reserving a port assignment 100
- 53-1003231-02 101
- In this chapter 105
- SNMP community strings 106
- Obtaining SNMP user names 108
- SNMP server hosts 109
- Removing the SNMP server host 111
- Enabling VCS Fabric mode 118
- Disabling VCS Fabric mode 118
- Enabling a fabric ISL 119
- Enabling a fabric trunk 120
- Disabling a fabric trunk 121
- Priorities 122
- Fabric ECMP load balancing 126
- Metro VCS 129
- Disabling a fabric ISL 130
- Administering Zones 133
- Default zoning access modes 134
- Zone database size 135
- Zone aliases 136
- Deleting an alias 141
- Zoning information 142
- Zone creation and management 147
- Adding a member to a zone 148
- Removing a member from a zone 149
- Deleting a zone 150
- Zone configuration management 151
- Enabling a zone configuration 154
- Deleting a zone configuration 155
- Zone configuration scenario 160
- • Cfg1 containing ZoneA only 161
- Compression 166
- Enabling a Fibre Channel port 168
- System Monitor Configuration 175
- FRU monitoring 176
- Alert notifications 180
- Configuring e-mail alerts 181
- To change the domain name: 183
- Resource monitoring 184
- Configuring CPU monitoring 185
- Security monitoring 186
- Interface monitoring 189
- Pausing interface monitoring 192
- VMware vCenter 195
- Step 2: Enabling CDP/LLDP 196
- Activating the vCenter 197
- Configuring Remote Monitoring 199
- Managing User Accounts 205
- Parameter Description 206
- Creating a user account 207
- Disabling a user account 209
- Deleting a user account 210
- Unlocking a user account 210
- Role-based access control 211
- User-defined roles 212
- Command access rules 214
- Rule processing 215
- Adding a rule 216
- Changing a rule 217
- Deleting a rule 217
- Verifying a rule 218
- Configuration examples 219
- Password policies 221
- Password encryption policy 222
- Account lockout policy 224
- Managing password policies 226
- Security event logging 228
- Login authentication mode 230
- TACACS+ servers 241
- TACACS+ accounting 243
- Enabling command accounting 244
- Disabling accounting 246
- Server authentication 247
- Deleting CA certificates 248
- FIPS compliance 249
- Active Directory groups 251
- Fabric Authentication 255
- Removing shared secrets 257
- Creating a defined SCC policy 260
- Modifying the SCC policy 261
- Activating the SCC policy 261
- Removing the SCC policy 263
- Edge-loop detection overview 267
- Configuring AMPP 273
- 7. Activate the profile 275
- Configuring VLAN profiles 276
- 3. Activate the profile 278
- Configuring FCoE profiles 281
- Configuring QoS profiles 282
- Configuring security profiles 286
- Deleting a port-profile 289
- Deleting a subprofile 291
- Deleting a port-profile-port 297
- Configuring FCoE Interfaces 303
- Configuring FCoE interfaces 304
- Obtaining FCoE status 307
- Configuring VLANs 309
- Creating a VLAN interface 312
- Enabling STP on a VLAN 312
- Disabling STP on a VLAN 314
- • Enables the interface 317
- • Specifies trunk mode 317
- Obtaining VLAN information 326
- Private VLANs 330
- Configuring a private VLAN 331
- Displaying PVLAN information 333
- Configuring VXLANs 335
- Displaying VXLAN information 341
- Configuring Virtual Fabrics 343
- • Primary VLAN 344
- • Isolated VLAN 344
- • Community VLAN 345
- Configuring MAC groups 358
- Transport service 359
- Configuring STP 362
- Configuring RSTP 364
- Configuring MSTP 367
- Specifying a link type 397
- Specifying the port priority 399
- Enabling spanning tree 403
- Disabling spanning tree 404
- Configuring UDLD 405
- Disabling UDLD 407
- Retrieving UDLD statistics 407
- Configuring Link Aggregation 409
- TABLE 12 Load balance flavor 415
- Configuring LLDP 421
- • <management-address> 428
- • <port-description> 428
- • <system-capabilities> 428
- • <adv-tlv-system-name> 428
- Configuring iSCSI priority 430
- Configuring LLDP profiles 430
- <edit-config> 431
- <target> 431
- <running/> 431
- (more interfaces go here) 434
- Deleting an LLDP profile 435
- Configuring ACLs 437
- Modifying MAC ACL rules 443
- Removing a MAC ACL 444
- Configuring QoS 453
- Rewriting 454
- Queueing 454
- Verifying QoS trust 455
- DSCP values User priority 460
- Verifying DSCP trust 461
- Creating a DSCP mutation map 462
- Traffic class mapping 469
- Mapping DSCP-to-Traffic-Class 473
- Congestion control 477
- Configuring CoS thresholds 478
- Random Early Detection 479
- Ethernet Pause 480
- Enabling Ethernet Pause 481
- Enabling Ethernet PFC 482
- Multicast rate limiting 483
- Configuring BUM storm control 484
- Scheduling 485
- Multicast queue scheduling 486
- Creating a CEE map 487
- Defining a priority-table map 489
- Verifying the CEE maps 490
- Brocade VCS Fabric QoS 491
- Port-based Policier 493
- Configuring the policy map 496
- Policy maps 499
- Class maps 500
- Priority maps 501
- Configuring Auto-QOS 502
- Disabling 802.1x globally 507
- 802.1x readiness check 508
- Configuring sFlow 517
- Flow-based sFlow 521
- Deleting a SPAN session 530
- SPAN in management cluster 531
- Configuring RSPAN 532
- VLAN 1010 as the destination 534
- IP Route Policy 537
- Configuring a route map 538
- IP Route Management 545
- Other routing operations 548
- Enabling IP load sharing 549
- Configuring OSPF 551
- OSPF over VRF 552
- OSPF in a VCS environment 552
- OSPF configuration rules 555
- Enabling OSPF on the router 556
- Disabling OSPF on the router 556
- Assigning OSPF areas 557
- Assigning virtual links 562
- Changing other settings 564
- Configuring VRRP 565
- Configuring the master router 567
- Configuring the backup router 569
- Enabling preemption 571
- Configuring VRF 585
- Enabling VRRP for VRF 588
- Configuring BGP 589
- Enabling BGP on an RBridge 590
- Disabling BGP on an RBridge 590
- Configuring BGP global mode 591
- Configuring IGMP 595
- Monitoring IGMP snooping 598
- Configuring DHCP Relay 599
- Appendixes 603
- Managing NETCONF 605
- • Capabilities 606
- • Datastores 606
- • Schemas 606
- • Sessions 606
- • Statistics 606
- Numerics 609
Související produkty a manuály pro Počítačové příslušenství Brocade Network OS NETCONF Operations Guide v4.1.1
Počítačové příslušenství Brocade VDX 6710-54 Hardware Reference Manual Uživatelský manuál
(72 stránky)
(72 stránky)
Počítačové příslušenství Brocade VDX 6730 QuickStart Guide (Supporting VDX 6730-32 Uživatelský manuál
(12 stránky)
(12 stránky)
Počítačové příslušenství Brocade VDX 8770-8 Two-Post Flush and Mid-Mount Rack Kit I Uživatelský manuál
(8 stránky)
(8 stránky)
Počítačové příslušenství Brocade VDX 6730 Hardware Reference Manual (Supporting VDX Uživatelský manuál
(90 stránky)
(90 stránky)
Počítačové příslušenství Brocade VDX 8770-8 Four-Post Flush and Recessed Mount Rack Uživatelský manuál
(10 stránky)
(10 stránky)
Počítačové příslušenství Brocade VDX 8770-4 Two-Post Flush and Mid-Mount Rack Kit I Uživatelský manuál
(10 stránky)
(10 stránky)
Počítačové příslušenství Brocade VDX 8770-8 Hardware Reference Manual Uživatelský manuál
(136 stránky)
(136 stránky)
Počítačové příslušenství Brocade VDX 8770-4 Four-Post Flush Mount Rack Kit Installa Uživatelský manuál
(8 stránky)
(8 stránky)
Počítačové příslušenství Brocade Network OS Administrator’s Guide v4.1.1 Uživatelský manuál
(748 stránky)
(748 stránky)
Počítačové příslušenství Brocade VDX 8770-4 Four-Post Flush and Recessed Mount Inta Uživatelský manuál
(24 stránky)
(24 stránky)
Počítačové příslušenství Brocade VDX 8770-4 Hardware Reference Manual Uživatelský manuál
(132 stránky)
(132 stránky)
Počítačové příslušenství Brocade Universal Two-Post Rack Kit Installation Procedure Uživatelský manuál
(1 stránky)
(1 stránky)
Počítačové příslušenství Brocade Universal Four Post Rack Kit Installation Procedur Uživatelský manuál
(20 stránky)
(20 stránky)
Počítačové příslušenství Brocade VDX 6740 Hardware Reference Manual (Supporting VDX Uživatelský manuál
(78 stránky)
(78 stránky)
Počítačové příslušenství Brocade 6910 Ethernet Access Switch MIB Reference Uživatelský manuál
(102 stránky)
(102 stránky)
Počítačové příslušenství Brocade FCX Series Hardware Installation Guide Uživatelský manuál
(112 stránky)
(112 stránky)
(84 stránky)© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.053 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce