Cisco Nexus 9000 Series Manual de configuración - Página 25

Navegue en línea o descargue pdf Manual de configuración para Enrutador de red Cisco Nexus 9000 Series. Cisco Nexus 9000 Series 32 páginas. Switch chassis
También para Cisco Nexus 9000 Series: Manual de configuración de inicio rápido (6 páginas), Manual de configuración (32 páginas), Manual (30 páginas), Manual de instalación (12 páginas), Instalación de (8 páginas), Manual de inicio rápido (14 páginas), Manual (16 páginas)

Imprimir página

Cisco Nexus 9000 Series Manual de configuración

1. Configuring an Ip Acl

Configuring the Catena Solution

Displaying Catena Analytics

To optimize your chaining solution, you can configure catena to display the number of packets passing through

different chains for a particular instance.

Command

show catena analytics per-acl per-node

Configuration Examples of Catena Instances

This topic shows examples of configuring catena instances in multiple configurations:

Configuring a catena instance in transparent mode VACL:

switch# configure terminal

switch(config)# feature catena

switch(config)# catena port-group pg1

switch(config-port-group)# interface Eth 1/2

switch(config-pg-node)# catena port-group pg2

switch(config-port-group)# interface Eth 1/4

switch(config-pg-node)# catena vlan-group vg1

switch(config-vlan-group)# vlan 10

switch(config-vlan-group)# catena vlan-group vg2

switch(config-vlan-group)# vlan 20

switch(config)# ip access-list acl1

switch(config-acl)# 10 permit ip 192.0.2.1/24 any

switch(config)# ip access-list acl2

switch(config-acl)# 10 permit ip 198.51.100.1/24 any

switch(config)# ip access-list acl3

switch(config-acl)# 10 permit ip 203.0.113.1/24 any

switch(config-acl)# exit

switch(config)# catena ins_redirect

switch(config-catena-instance)# chain 10

switch(config-catena)# 10 access-list acl1 vlan-group vg1 egress port-group pg1 mode forward

switch(config-catena)# 20 access-list acl1 vlan-group vg2 egress port-group pg2 mode forward

switch(config-catena)# no shutdown

switch(config-catena-)# catena ins_bypass

switch(config-catena-instance)# chain 10

switch(config-catena)#10 access-list acl2 vlan-group vg1 egress port-group pg1 mode bypass

switch(config-catena)# no shutdown

switch(config-catena-)# catena ins_drop

switch(config-catena-instance)# chain 10

switch(config-catena)#10 access-list acl3 vlan-group vg1 egress port-group pg1 mode forward

switch(config-catena)#20 access-list acl3 vlan-group vg1 egress port-group pg1 mode drop

switch(config-catena)# no shutdown

switch# show running-config catena

feature catena

catena vlan-group vg1

vlan 10

catena vlan-group vg2

Purpose

Displays the live traffic data going through various

transparent devices.

• Use the per-acl argument to display packet

counters for a particular chain.

• Use the per-node argument to display packet

counters for a particular node.

Cisco Nexus 9000 Series NX-OS Catena Configuration Guide, Release 7.x

Displaying Catena Analytics