Rules in the first classifier are set up with an action to set class_id. Rules in the second classifier are setup to use the class_id as the key to match on the identity specific policies. The class_id is the common attribute between the two classifiers/tables, uniquely identifies the role of the identity.
This feature introduces one new ACL action modifier for specifying the class-id from the first stage that will be input into the second stage. It also introduces one new ACL match criteria for matching the class-id within the second stage.
When a rule is installed in the first stage ACL table, it will be accounted for in the "Stage: LOOKUP" section of show access-list usage acl-slice port port . When a rule is installed in the second stage ACL table, it is accounted for in the "Stage: INGRESS" section of this command. For example:
# show access-list usage acl-slice port 1 Ports 1-54 Stage: INGRESS Slices: Used: 0 Available: 16 Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 4) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 5) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 6) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 7) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 8) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 9) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 10) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 11) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 12) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 13) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 14) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 15) Rules: Used: 0 Available: 256 Stage: EGRESS Slices: Used: 0 Available: 4 Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 256 Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 256 Stage: LOOKUP Slices: Used: 0 Available: 4 Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 512 Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 512 Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 512 Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 512 Stage: EXTERNAL Virtual Slice : (*) Physical slice not allocated to any virtual slice. 5420F-48P-4XE.10 #
Platform | Permit | Deny | Count | Replace-dot1p-value | qosprofile | Replace-dot1p |
---|---|---|---|---|---|---|
ExtremeSwitching 5320 | Y | Y | Y | Y | Y | Y |
ExtremeSwitching 5420 | Y | Y | Y | Y | Y | Y |
ExtremeSwitching 5520 | Y | Y | Y | Y | Y | Y |
ExtremeSwitching 5720 | Y | Y | Y | Y | Y | Y |
Extreme 7520 | Y | Y | Y | Y | Y | Y |
Extreme 7720 | Y | Y | Y | Y | Y | Y |