VLAN/VXLAN to Policy Mapping

VLAN-to-Policy mapping manually configures VLAN-to-policy associations that create a policy maptable entry between the specified VLAN and the specified policy role. When an incoming tagged VLAN packet is seen by the switch, a lookup of the policy maptable determines whether a VLAN-to-policy mapping exists. This feature can be used at the distribution layer in environments where non-policy-capable edge switches are deployed and you cannot apply Extreme policy at the edge. Tagged frames received at the distribution layer interface for a VLAN with an entry in the policy maptable have the associated policy applied to the frame.

To create a policy maptable entry associating a policy to a VLAN, use the following command specifying a single VLAN ID or range of IDs and the policy profile-index:

configure policy maptable [response [tunnel | policy | both] | vlan_list profile_index]

Starting with ExtremeXOS 22.5, you can map VXLANs by applying the VXLAN identifier (VNI) to a profile using the command, where NSI = VNI:

configure policy profile profile_index {name name} {pvid pvid} {pvid-status pvid_status} {cos cos} {cos-status cos_status} {egress-vlans egress_vlan_list}{forbidden-vlans forbidden_vlans} {untagged-vlans untagged_vlans} {append | clear} {tci-overwrite tci_overwrite} {precedence [precedence | default]} {auth-override auth_override} {nsi [nsi | none]} {web-redirect web_redir_index} {access-list [unassigned | list_name | list_name_placeholder]}

You can then create the maptable entry, using the previous maptable command.