configure policy profile

configure policy profile profile_index {name name} {pvid pvid} {pvid-status pvid_status} {cos cos} {cos-status cos_status} {egress-vlans egress_vlan_list}{forbidden-vlans forbidden_vlans} {untagged-vlans untagged_vlans} {append | clear} {tci-overwrite tci_overwrite} {auth-override auth_override} {nsi [nsi | none]} {web-redirect web_redir_index}

Description

Creates a policy profile entry.

Syntax Description

profile_index	Policy ID (1-63).
name	Policy profile name.
name	Profile name string 1-64 characters.
pvid-status	PVID status (enable/disable).
pvid	PVID value (0-4,095). Default is 1, which specifies Default VLAN.
cos-status	CoS (Class of Service) status (enable/disable).
cos	Class of Service value (0-22).
egress-vlans	Egress VLAN (Virtual LAN) list (1-4094).
forbidden-vlan	Forbidden VLAN list (1–4,094).
untagged-vlans	Untagged VLAN list (1-4,094).
append	Append to one of Egress, Forbidden, Untagged VLAN list.
clear	Clear from one of Egress, Forbidden, Untagged VLAN list.
tci_overwrite	TCI-overwrite status (enable/disable). Note: With tci-overwrite disabled, you can only add a VLAN to incoming packets that are untagged or priority tagged (priority set, but vlan=0).
auth-override	Configures authentication override using a port profile attribute. No further authentication occurs on the port if enabled.
auth_override	Authentication override status: "enable" or "disable". Default is disabled.
web-redirect	Configures web-redirect.
web_redir_index	Configures a web redirect index (range = 1–10). Default is 0, which is disabled.
nsi	Network Service Identifier. For Fabric Attach and VXLAN (VNI = NSI), provides a mechanism to apply the VLAN/NSI mappings in policy using a profile-based attribute.
nsi	NSI 24-bit value ranging from 1 to 16,777,215.
none	No NSI for the VLAN (default).

Default

If optional parameters are not specified, none are applied.

Web direct is disabled by default.

The default for NSI is none.

If no PVID value is given, the default is 1 (Default VLAN).

Usage Guidelines

Use this command to create a policy profile entry.

Example

This example shows how to create a policy profile 1 named "netadmin" with PVID override enabled for PVID 10, and Class-of-Service override enabled for CoS 5. This profile can use VLAN 10 for untagged egress:

configure policy profile 1 name netadmin pvid-status enable pvid 10 cos-status enable cos 5 untagged-vlans 10

History

This command was first available in ExtremeXOS 16.1.

The authentication override parameter was added in ExtremeXOS 22.2.

The NSI keyword was added in ExtremeXOS 22.5.

Platform Availability

Published September 2018prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback