PBR Policies and ACLs
Applying PBR ACLs
G8264 Application Guide for ENOS 8.4
Up to 256 ACLs can be configured for networks that use IPv4 addressing. Regular
ACLs and PBR ACLs together cannot exceed the maximum ACLs supported.
ACLs are prioritized based on the ACL number. Lower numbers have higher
priority. You must configure regular ACLs with lower numbers and PBR ACLs
with higher numbers.
Note: You cannot apply an ACL directly to an interface and use a PBR policy at
the same time.
PBR ACLs must be applied to an IP interface that has a VLAN configured. In
addition to the defined ACL rules, the Lenovo Enterprise Network Operating
System uses the VLAN ID as a matching criterion. Traffic is filtered on a per‐VLAN
basis rather than a per‐interface basis. If multiple IP interfaces have the same
VLAN ID, route maps applied to each interface are used to filter traffic on the
VLAN. For example, if interface IP 10 and interface IP 11 are both members of
VLAN 100, and interface IP 10 uses PBR ACL 410 while interface IP 11 uses PBR
ACL 411, traffic on VLAN 100 is filtered using both PBR ACLs 410 and 411.
Note: You cannot apply the PBR ACL to a Layer 2‐only port.
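The following Python sketch is an added example, not part of the guide or of ENOS. It audits a planned ACL layout against the rules above and computes which PBR ACLs actually filter each VLAN. The function name, data layout, interface 12 and the regular ACL numbers are assumptions made for illustration.

```python
from collections import defaultdict

MAX_ACLS = 256  # combined regular + PBR ACL limit for IPv4, as stated in the guide


def audit_pbr(regular_acls, pbr_bindings):
    """Audit a planned ACL layout against the rules in this section.

    regular_acls: set of ACL numbers used as regular ACLs.
    pbr_bindings: list of (ip_interface, vlan_id_or_None, [pbr_acl_numbers]).
    Returns (findings, effective) where effective maps each VLAN ID to the
    sorted PBR ACL numbers that filter traffic on that VLAN.
    """
    findings = []
    pbr_acls = set()
    by_vlan = defaultdict(set)       # VLAN ID -> PBR ACLs from every interface on it
    ifs_on_vlan = defaultdict(list)  # VLAN ID -> IP interfaces carrying PBR ACLs

    for ip_if, vlan, acls in pbr_bindings:
        pbr_acls.update(acls)
        if vlan is None:
            findings.append(f"IP interface {ip_if}: no VLAN configured, PBR ACLs cannot be applied")
            continue
        by_vlan[vlan].update(acls)
        ifs_on_vlan[vlan].append(ip_if)

    total = len(set(regular_acls) | pbr_acls)
    if total > MAX_ACLS:
        findings.append(f"{total} ACLs exceed the combined maximum of {MAX_ACLS}")

    # Lower number = higher priority; regular ACLs must sit below PBR ACLs.
    if regular_acls and pbr_acls and max(regular_acls) > min(pbr_acls):
        findings.append(f"regular ACL {max(regular_acls)} is numbered above PBR ACL {min(pbr_acls)}")

    # Matching is per VLAN, so interfaces sharing a VLAN share each other's PBR ACLs.
    for vlan, ifs in ifs_on_vlan.items():
        if len(ifs) > 1:
            findings.append(f"VLAN {vlan}: PBR ACLs from IP interfaces {ifs} are combined")

    effective = {vlan: sorted(acls) for vlan, acls in by_vlan.items()}
    return findings, effective


# Constructed sample: interfaces 10 and 11 are the guide's example; interface 12
# and the regular ACL numbers are made up to trigger the other checks.
REGULAR = {1, 2, 420}
BINDINGS = [(10, 100, [410]), (11, 100, [411]), (12, None, [412])]

if __name__ == "__main__":
    findings, effective = audit_pbr(REGULAR, BINDINGS)
    print(effective)
    for f in findings:
        print("finding:", f)
```

The per-VLAN finding is the one to review most carefully: a PBR ACL written for one IP interface also steers traffic that arrives through any other IP interface on the same VLAN.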