configure vlan udp-profile

configure vlan vlan_name udp-profile [profilename | none]

Description

Associates a UDP forwarding profile to a VLAN (Virtual LAN).

Syntax Description

vlan_name Specifies a VLAN name.
profilename Specifies a policy file to use for the UDP forwarding profile.
none Removes any UDP forwarding profile from the VLAN.

Default

No UDP profiles are associated with the VLAN.

Usage Guidelines

You can apply a UDP forwarding policy only to an L3 VLAN (a VLAN having at least one IP address configured on it). If there is no IP address configured on the VLAN, then the command is rejected.

A UDP forwarding policy must contain only the following attributes. Unrecognized attributes are ignored.
  • Match attributes
    • Destination UDP port number (destination-port)
    • Source IP address (source-ipaddress)
  • Action modified (set) attributes
    • Destination IP address (destination-ipaddress)
    • VLAN name (vlan)

Policy files used for UDP forwarding are processed differently from standard policy files. Instead of terminating when an entry‘s match clause becomes true, each entry in the policy file is processed and the corresponding action is taken for each true match clause.

For example, if the following policy file is used as a UDP forwarding profile, any packets destined for UDP port 67 are sent to IP address 20.0.0.5 and flooded to VLAN to7:

entry one {
if match all {
	destination-port 67 ;
} then {
	destination-ipaddress 20.0.0.5 ;
}
}
entry two {
if match all {
	destination-port 67 ;
} then {
	vlan "to7" ;
}
}

If you include more than one VLAN set attribute or more than one destination-ipaddress set attribute in one policy entry, the last one is accepted and the rest are ignored.

Note

Note

Although the ExtremeXOS Policy manager allows you to set a range for the destination-port, you should not specify the range for the destination-port attribute in the match clause of the policy statement for the UDP profile. If a destination-port range is configured, the last port in the range is accepted and the rest are ignored.

You can have two valid set statements in each entry of a UDP forwarding policy; one a destination-ipaddress and one a VLAN. ExtremeXOS currently allows a maximum of eight entries in a UDP forwarding policy, so you can define a maximum of 16 destinations for one inbound broadcast UDP packet: eight IP addresses and eight VLANs.

Note

Note

It is strongly advised to have no more than eight entries in a UDP forwarding profile. The UDP forwarding module processes those entries even if the entries do not contain any attributes for UDP forwarding. Having more than eight entries drastically reduces system performance. If the inbound UDP traffic rate is very high, having more than eight entries could cause the system to freeze or become locked.

If you rename a VLAN referred to in your UDP forwarding profile, you must manually edit the policy to reflect the new name, and refresh the policy.

You can also validate whether the UDP profile has been successfully associated with the VLAN by using the command show policy {policy-name | detail}. UDP forwarding is implemented as part of the netTools process, so the command does display netTools as a user of the policy.

Example

The following example associates the UDP forwarding profile "port123_to_corporate" to VLAN "to-sales":

configure vlan to-sales udp-profile port123_to_corporate

History

This command was first available in ExtremeXOS 11.2.

Platform Availability

This command is available on all platforms that use the Edge, Advanced Edge, or Core license. For information on the licenses available for each platform, see the ExtremeXOS 22.6 Feature License Requirements document.