Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

912

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

12

permit proto [||eigrp|gre|igmp|igp|ospf|vrrp]

[||any|from-vlan |host

] [||any|host

] (log,rule-precedence <1-5000>) {(rule-description )}

any

Specifies the destination as any destination IP address. IP packets addressed to any destination are
permitted.

host

Identifies a specific host (as the destination to match) by its IP address. IP packets addressed to the specified
host are permitted.

•

– Specify the destination host’s exact IP address in the A.B.C.D format.

S-NAME>

Applies a network-group alias to identify the source IP addresses. IP packets destined for addresses identified
by the network-group alias are permitted.

•

– Specify the network-group alias name (should be existing and
configured).

log

Logs all permit events matching this entry. If a source and/or destination IP address is matched (i.e. a IP
packet is received from a specified IP address and/or is destined for a specified IP address), an event is
logged.

rule-precedence
<1-5000>
rule-description

The following keywords are recursive and common to all of the above parameters:

•

rule-precedence – Assigns a precedence for this permit rule

•

<1-5000> – Specify a value from 1 - 5000.

Lower the precedence higher is the priority. A rule with precedence 3 gets priority over a rule with precedence
10.

•

rule-description – Optional. Configures a description for this permit rule. Provide a description that

uniquely identifies the purpose of this rule (should not exceed 128 characters in length).

proto

Configures the ACL for additional protocols
Additional protocols (other than IP, ICMP, TCP, and UDP) must be configured using this parameter

Filters protocols using their IANA protocol number

•

– Specify the protocol number.

Filters protocols using their IANA protocol name

•

– Specify the protocol name.

eigrp

Identifies the EIGRP protocol (number 88)
EIGRP enables routers to maintain copies of neighbors’ routing tables. Routers use this information to
determine the fastest route to a destination. When a router fails to find a route in its stored route tables, it
sends a query to neighbors who in turn query their neighbors till a route is found. EIGRP also enables routers
to inform neighbors of changes in their routing tables.

gre

Identifies the GRE protocol (number 47)
GRE is a tunneling protocol that enables transportation of protocols (IP, IPX, DEC net, etc.) over an IP
network. GRE encapsulates the packet at the source and removes the encapsulation at the destination.

igmp

Identifies the IGMP protocol (number 2)
IGMP establishes and maintains multicast group memberships to interested members. Multicasting allows a
networked computer to send content to multiple computers who have registered to receive the content. IGMP
snooping is for listening to IGMP traffic between an IGMP host and routers in the network to maintain a map
of the links that require multicast streams. Multicast traffic is filtered out for those links which do not require
them.

igp

Identifies any private internal gateway (primarily used by CISCO for their IGRP) (number 9)
IGP enables exchange of information between hosts and routers within a managed network. The most
commonly used interior gateway protocol (IGP) protocols are: Routing Information Protocol (RIP) and Open
Shortest Path First (OSPF)