Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual page 859
Cisco mds 9000 family cli configuration guide - release 4.x (ol-18084-01, february 2009)
Hide thumbs
Also See for AP776A - Nexus Converged Network Switch 5020:
- Command reference manual (1640 pages) ,
- Configuration manual (1486 pages) ,
- Reference (886 pages)
Table of Contents
Advertisement
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Configuring IPv4 and IPv6 Access Control Lists
Cisco MDS 9000 Family switches can route IP version 4 (IPv4) traffic between Ethernet and Fibre
Channel interfaces. The IP static routing feature routes traffic between VSANs. To do so, each VSAN
must be in a different IPv4 subnetwork. Each Cisco MDS 9000 Family switch provides the following
services for network management systems (NMS):
•
•
•
Switches are compliant with RFC 2338 standards for Virtual Router Redundancy Protocol (VRRP)
features. VRRP is a restartable application that provides a redundant, alternate path to the gateway
switch.
IPv4 Access Control Lists (IPv4-ACLs and IPv6-ACLs) provide basic network security to all switches
in the Cisco MDS 9000 Family. IPv4-ACLs and IPv6-ACLs restrict IP-related traffic based on the
configured IP filters. A filter contains the rules to match an IP packet, and if the packet matches, the rule
also stipulates if the packet should be permitted or denied.
Each switch in the Cisco MDS 9000 Family can have a maximum total of 128 IPv4-ACLs or 128
IPv6-ACLs and each IPv4-ACL or IPv6-ACL can have a maximum of 256 filters.
This chapter includes the following sections:
•
•
•
•
•
•
OL-18084-01, Cisco MDS NX-OS Release 4.x
IP forwarding on the out-of-band Ethernet interface (mgmt0) on the front panel of the supervisor
modules.
IP forwarding on the in-band Fibre Channel interface using the IP over Fibre Channel (IPFC)
function—IPFC specifies how IP frames can be transported over Fibre Channel using encapsulation
techniques. IP frames are encapsulated into Fibre Channel frames so NMS information can cross the
Fibre Channel network without using an overlay Ethernet network.
IP routing (default routing and static routing)—If your configuration does not need an external
router, you can configure a default route using static routing.
IPv4-ACL and IPv6-ACL Configuration Guidelines, page 35-2
About Filter Contents, page 35-2
Configuring IPv4-ACLs or IPv6-ACLs, page 35-5
Reading the IP-ACL Log Dump, page 35-9
Applying an IP-ACL to an Interface, page 35-9
IP-ACL Counter Cleanup, page 35-12
C H A P T E R
Cisco MDS 9000 Family CLI Configuration Guide
35
35-1
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
