Allied Telesis AT-8550 User Manual

Using Access Policies

12-6

Example.

Figure 1 2-2

illustrates an OSPF network that is similar to

the network used previously in the RIP example. In this example,
access to the Internet is accomplished by the use the ASBR function
on the switch labeled “Internet.” As a result, all routes to the Internet
will be done through external routes. Suppose the network
administrator wishes to only allow access only to certain internet
addresses falling within the range 192.1.1.0/24 to the internal
backbone.

Figure 12-2 OSPF Access Policy Example

To configuring the switch labeled Internet, the commands would be
as follows:

create access-profile okinternet ipaddress

config access-profile okinternet mode permit

config access-profile okinternet add

192.1.1.0/24

config ospf asbr-filter okinternet

POWER

MGMT.

10/100BASE-T ETHERNET SWITCH
WITH GIGABIT ETHERNET

1

2

3

4

13

14

15

16

5

6

7

8

17

18

19

20

9

10

11

12

21

22

23

24

LINK ON

ACTIVITY

DISABLED

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

25

25R

25R

A

L

25

25R

1000BASE-X

10/100BASE-TX MDI-X

Internet

10.0.0.10/24

Backbone/OSPF

POWER

MGMT.

10/100BASE-T ETHERNET SWITCH
WITH GIGABIT ETHERNET

1

2

3

4

13

14

15

16

5

6

7

8

17

18

19

20

9

10

11

12

21

22

23

24

LINK ON

ACTIVITY

DISABLED

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

25

25R

25R

A

L

25

25R

1000BASE-X

10/100BASE-TX MDI-X

POWER

MGMT.

10/100BASE-T ETHERNET SWITCH
WITH GIGABIT ETHERNET

1

2

3

4

13

14

15

16

5

6

7

8

17

18

19

20

9

10

11

12

21

22

23

24

LINK ON

ACTIVITY

DISABLED

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

25

25R

25R

A

L

25

25R

1000BASE-X

10/100BASE-TX MDI-X

10.0.0.11/24

Internet

Engrsvrs

10.1.1.1/24

Switch being
configured

Engrsvrs

Sales

10.0.0.12/24

Sales

10.2.1.1/24

area 0.0.0.0