Configure an ACE
Note
DEMO FEATURE - Policy Based Routing (Redirect Next Hop) per VRF is a demonstration feature on some products. Demonstration features are provided for testing purposes. Demonstration features are for lab use only and are not for use in a production environment. For more information, see VOSS Feature Support Matrix.
Before you begin
The ACL exists.
Procedure
- In the navigation pane, expand the folders.
- Click Advanced Filters (ACE/ACLs).
- Click the ACL tab.
- Select the ACL to which to add an ACE.
- Click ACE.
- Click the ACE Common tab.
- Click Insert.
- Configure the ACE ID.
- Name the ACE.
- Choose the mode: deny (drop packets) or permit (forward packets).
- Configure the ACE actions as required.
- Click Insert.
- Configure the ACE attributes as required.
- To enable the ACE, in the ACE Common tab, configure AdminState to enable, and then click Apply.
- To delete an ACE Common entry, select the entry, and then click Delete.
ACE Common field descriptions
Use the data in the following table to use the ACE Common tab.
Name |
Description |
---|---|
AclId |
Specifies the ACL ID. |
AceId |
Specifies the ACE ID. |
Name |
Specifies a descriptive user-defined name for the ACE. The system automatically assigns a name if you do not type one. |
AdminState |
Indicates the status of the ACE as enabled or disabled. You can modify an ACE only if you disable it. |
OperState |
Indicates the current operational state of the ACE. |
Mode |
Indicates the operating mode for this ACE. Valid options are deny and permit, with deny as the default. |
RedirectNextHop |
Redirects matching IPv4/IPv6 traffic to IPv4/IPv6 nexthop. |
RedirectNextHopVrfname |
Specifies the direct next hop VRF name. The name must be in the range of 1 to 16 characters. |
RedirectUnreach |
Denies or permits packet dropping when the next hop for the packet is unreachable. The default value is deny. This action is a security action. |
InternalQos |
This variable is a QoS action. The default value is 1. |
RemarkDscp |
Specifies whether the DSCP parameter marks nonstandard traffic classes and local-use Per-Hop Behavior. The default is disable. Use this option to create a QoS ACE. |
RemarkDot1Priority |
Specifies whether Dot1 Priority, as described by Layer 2 standards (802.1Q and 802.1p) is enabled. The default is disable. Use this option to create a QoS ACE. |