Intel 480T Switch User Manual


 
310
Intel
®
NetStructure 480T Routing Switch User Guide
profile or dropped. Using access lists has no impact on switch
performance.
Access lists are typically applied to traffic that crosses Layer 3
router boundaries, but it is possible to use access lists within a Layer
2 VLAN.
Routing Access Policies
Routing access policies are used to control the advertisement or
recognition of routing protocols, such as Router Information
Protocol (RIP), Open Shortest Path First (OSPF) or Border
Gateway Protocol (BGP). You can use routing access policies to
hide entire networks, or to trust only specific sources for routes or
ranges of routes.
The capabilities of routing access policies are specific to the type of
routing protocol involved, but are sometimes more efficient and
easier to implement than access lists.
IPX
§
Routing Access Policies
Routing access policies support IPX, IPX/ RIP, IPX/SAP, and IPX
node rules. Routing access policies consist of access rules, and are
used to perform packet filtering and forwarding decisions on
incoming traffic. Each IPX/RIP or IPX/SAP packet arriving on an
ingress port is compared to each access profile rule in sequence, and
is either forwarded or dropped. To create IPX access profiles, use
this command:
create access-profile <access_profile> type
[ipaddress | ipx-node | ipx-net | ipx-sap | as-path |
bgp-community]
To configure an IPX net, node or SAP access profile, use this
command:
configure access-profile <access_profile> [add |
delete] {seq-number} ipx-net <ipx_net_id_in_hex>
<ipx_net_id_mask_in_hex>
configure access-profile <access_profile> [add |
delete] {seq-number} ipx-node <ipx_net_id_in_hex>
<ipx_net_id_mask_in_hex>
<ipx_node_id_in_mac_address_format>