Create an Egress Policy for a Device

An egress policy (or listener policy) defines the actions to apply to outbound packets.

Before you begin

  • Create a policy rule match to associate with the policy. For more information, see Change a Policy Rule Match for a Device.
  • An ACL bound to an egress policy can be modified.
  • An egress policy bound to an egress can be modified.

About this task

Take the following steps to define the criteria for a policy. Each set of criteria is a rule. A policy can contain multiple rules.

Note

Note

This procedure applies only to Extreme 9920 devices.

Listener policy byte count is incorrect when truncation is enabled. The byte count for truncated packets is the actual byte count seen by the egress ACL before truncation.

Procedure

  1. In the Navigation menu, select Device Inventory.
  2. In the Devices page, click anywhere in the required device row except the Actions column (Actions column icon) to proceed to the device Overview page.
  3. In the Device Config menu, select Policies and Configuration > Policies > Add Policy.
  4. In the Name field, enter a unique name for the policy.
    An egress policy cannot have the same name as another egress policy or the reserved keyword all.
  5. In the Policy Type field, select Egress Policy.
  6. Select the Sequence in which to apply the rule.
  7. In the Matches field, select a policy rule match.
    • If you did not create a policy rule match, select Create Match to create the match now.
    • For a policy, you can select three rule matches of different types: 1 v4, 1 v6, and 1 l2.
    • You cannot use the same policy rule match multiple times in a policy.
  8. In the Packet Slicing field, enter a value to represent the maximum packet size after slicing.
    The final packet size will be less than or equal to this value.
  9. In the Header Stripping field, select one or more tags to strip: 802.1BR, VLAN, or VN (Virtual NIC).
    The 802.1BR and VN tags cannot coexist in the same policy rule action.
  10. In the VLAN field, select the VLAN ID to change the VLAN tag in the egress packet.
  11. To remove the outermost tunnel headers from the packet, select the Decap check box.
  12. To prevent the rule from being used in the policy, select the Deny check box.
    Tip

    Tip

    This option prevents the rule from being used, but does not delete the configuration of the rule. The rule is skipped and is not used to drop a packet. You can reinstate the rule later without having to reconfigure it.
  13. Select Add Rule.
    The rule parameters appear in the pane on the right.
  14. Repeat step 7 through step 13 until you have added all the rules you need.
  15. Select Create.
9038969-00 Rev AA