create policy access-list action-set

create policy access-list action-set set-id [{drop | forward} {cos cos} {mirror-destination control_index} {syslog}]

Description

Creates a pre-defined set for use in RADIUS Change of Authorization (CoA) and Extreme Dynamic ACL via Radius VSA 232.

Syntax Description

access-list Specifies access-list features.
action-set Defines a set of actions that can be applied to multiple sets of match conditions.
set-id Identifies the global action-set ID (range 1–63).
drop Specifies dropping any packets that match this rule.
forward Specifies forwarding any packets that match this rule.
cos Specifies setting Class of Service (CoS).
cos Specifies the CoS value: 0–255, or -1 for no CoS, or CoS with no forwarding behavior to remove forwarding behavior.
mirror-destination Specifies setting a mirror destination control index.
control_index Specifies setting the mirror destination control index (1–4).
syslog Specifies Syslog logging using event Policy.LogRuleHit when first rule use occurs.

Default

N/A.

Usage Guidelines

You can view your configurations made with this command using the show policy access-list action-set {set_id} command.

Example

The following example creates an action set "1" with CoS level of 3 and Syslog behavior:

# create policy access-list action-set 1 cos 3 syslog

This command will be accepted only if the mode is set to access-list and slices must be shared by entering the command configure policy slices shared 2 and configure policy slices tci-overwrite 2.

History

This command was first available in ExtremeXOS 30.5.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X690, and X695 series switches.