Moving The Vacl And Qos Acl Configuration Back To Nvram; Redundancy Synchronization Support; Interacting With High Availability; Configuring Policy-Based Forwarding - Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual

Configuring Policy-Based Forwarding

Moving the VACL and QoS ACL Configuration Back to NVRAM

This example shows how to move the VACL and QoS ACL configuration back to NVRAM:
Console> (enable) set config acl nvram
ACL configuration copied to NVRAM.
Console> (enable)
Console> (enable) clear boot auto-config
CONFIG_FILE variable =
Console> (enable)

Redundancy Synchronization Support

The set boot commands contain an option to synchronize the auto-config file automatically.
When you enable the auto-config option, if the VACL and QoS ACL configuration resides in Flash
memory, the auto-config file on the active supervisor engine is automatically synchronized to the
standby supervisor engine whenever a change is made; for example, deleting the auto-config file on the
active supervisor engine causes the file to be deleted on the standby supervisor engine. Similarly, if you
insert a new standby supervisor engine, the active supervisor engine automatically synchronizes the
auto-config file.

Interacting with High Availability

After a supervisor engine switchover, the VACL and QoS ACL configuration on the standby supervisor
engine is consistent with what was on the active supervisor engine, just as in the case where the VACL
and QoS ACL configuration is saved in NVRAM. The only difference is that the data is stored in DRAM,
but the functional behavior of a switchover does not change.
Configuring Policy-Based Forwarding
The policy-based forwarding (PBF) feature is an extension of VACL redirection supported by the Policy
Feature Card 2 (PFC2). It can prove to be particularly beneficial in any flat Layer 2 network used for
transparent bridging where a limited amount of inter-VLAN communication is required. This feature can
also be used in server farms or DMZs where bridging devices like server load balancing appliances are
involved, or where firewall load balancing is performed.
PBF does not support Internetwork Packet Exchange (IPX) and multicast traffic.
Note
PBF does not work with 802.1Q tunnel traffic. PBF is supported on Layer 3 IP unicast traffic, it is
Note
not applicable to Layer 2 traffic. At the intermediate (PBF) switch, all 802.1Q tunnel traffic appears
as Layer 2 traffic.
Note PBF may require some configuration on attached hosts. When a router is not present in the network,
ARP table entries have to be statically added on each host participating in PBF.
Catalyst 6000 Family Software Configuration Guide—Releases 6.3 and 6.4
16-46
Chapter 16 Configuring Access Control
78-13315-02