Translating an Access Profile to a Policy

You may be more familiar with using access profiles on other Extreme Networks switches. This example shows the policy equivalent to an ExtremeWare access profile.

ExtremeWare Access-Profile:

Seq_No  Action  IP Address    IP Mask          Exact
5       permit  22.16.0.0     255.252.0.0      No
10      permit  192.168.0.0   255.255.192.0    Yes
15      deny    any           255.0.0.0        No
20      permit  10.10.0.0     255.255.192.0    No
25      deny    22.44.66.0    255.255.254.0    Yes

Equivalent ExtremeXOS policy map definition:

entry  entry-5  {
	if  {
		nlri    22.16.0.0/14;
	}
	then  {
		permit;
	}
}
entry  entry-10  {
	if  {
		nlri   192.168.0.0/18 exact;
	}
	then  {
		permit;
	}
}
entry  entry-15  {
	if  {
		nlri   any/8;
	}
	then  {
		deny;
	}
}
entry  entry-20  {
	if  {
		nlri   10.10.0.0/18;
	}
	then  {
		permit;
	}
}
entry  entry-25  {
	if  {
		nlri   22.44.66.0/23  exact;
	}
	then  {
		deny;
	}
}

The policy above can be optimized by combining some of the if statements into a single expression.

The compact form of the policy looks like this:

entry  permit_entry  {
	if match any {
		nlri   22.16.0.0/14;
		nlri   192.168.0.0/18 exact;
		nlri   10.10.0.0/18;
	}
	then  {
		permit;
	}
}
entry  deny_entry  {
	if match any {
		nlri   any/8;
		nlri   22.44.66.0/23  exact;
	}
	then  {
		deny;
	}
}
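
The row-by-row translation shown in the first policy above can be scripted. The following Python script is an added example, not Extreme Networks code; the whitespace-separated row format and the function names are assumptions made for illustration. It converts each dotted mask to a prefix length, rejects non-contiguous masks and addresses with host bits set, and emits one policy entry per access-profile row in the order given.

```python
import ipaddress

# Constructed sample input: the access-profile rows from this page,
# one row per line as "seq action address mask exact" (assumed format).
PROFILE = """\
5   permit  22.16.0.0    255.252.0.0    No
10  permit  192.168.0.0  255.255.192.0  Yes
15  deny    any          255.0.0.0      No
20  permit  10.10.0.0    255.255.192.0  No
25  deny    22.44.66.0   255.255.254.0  Yes
"""

def mask_to_prefixlen(mask):
    """Convert a dotted netmask to a prefix length; reject non-contiguous masks."""
    bits = int(ipaddress.IPv4Address(mask))
    inverted = bits ^ 0xFFFFFFFF
    # A contiguous mask inverts to 2**k - 1, so inverted & (inverted + 1) is 0.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous mask: {mask}")
    return bin(bits).count("1")

def translate_row(row):
    """Return the policy entry text for one access-profile row."""
    seq, action, addr, mask, exact = row.split()
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action}")
    plen = mask_to_prefixlen(mask)
    if addr != "any":
        # Raises ValueError if the address has bits set outside the mask.
        ipaddress.IPv4Network(f"{addr}/{plen}", strict=True)
    nlri = f"{addr}/{plen}" + (" exact" if exact.lower() == "yes" else "")
    return (f"entry entry-{seq} {{\n"
            f"\tif {{\n\t\tnlri {nlri};\n\t}}\n"
            f"\tthen {{\n\t\t{action};\n\t}}\n}}")

def translate_profile(text):
    """Translate every non-blank row, preserving the order of the input."""
    return "\n".join(translate_row(r) for r in text.splitlines() if r.strip())

if __name__ == "__main__":
    print(translate_profile(PROFILE))
```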