CVID ACL Match Criteria

This feature adds support for the EXOS ACL match criteria "cvid." It provides the ability to specify access-lists that filter on the inner-VLAN-id field of a double tagged packet, the customer VLAN id field of a single tagged packet entering a VMAN UNI/CEP port, or the port-cvid inserted into an untagged packet entering a VMAN UNI port. You can use this feature to perform service-level, or customer-level (cvid) rate-limiting and accounting.

You can utilize this match criteria in the following scenarios:

Here is another example policy:

entry one {    
           if{       
             cvid 7;       
             vlan-id 100;   #SVID    
           } then {       
              count foo;    
           }
         }

And here's an example that allow you to perform service-level, or customer-level (cvid) rate-limiting and accounting:

doubletag.pol: 
               entry customer1 {    
                 if{       
                   cvid 8;    
                 } then{       
                    count cust1;    
                 }
               } 
create vman vm1 tag 100
config vman vm1 add port 21
config vman vm1 add port 22 tag
config access-list doubletag port 21
config access-list doubletag port 21 egress

Limitations

The CVID ACL match criteria support has the following limitations:

Supported Platforms

CVID ACl match criteria is supported on all platforms.