Quick Reference Guide
204 | Access Control
www.dell.com | support.dell.com
To apply an ACL (standard or extended) for loopback, use the following sequence:
Restrictions on the usage of loopback interface ACL
As noted above, applying an ACL to loopback interface 0 in turn applies the ACL to all physical
interfaces. To configure additional ACLs on a physical interface, be aware that the “loopback interface
ACL” might conflict with the desired physical interface ACL behavior.
Example of loopback interface configuration sequence
In the following example, two rules are added to ACL 2, and then ACL 2 is applied to the loopback
interface.
Step Command Syntax
Command
Mode Purpose
1 • For a Standard IP ACL:
access-list 1-99 {deny | permit} {every | srcip srcmask} [log]
[assign-queue
queue-id] [{mirror | redirect} unit/slot/port]
• For an Extended IP ACL:
access-list 100-199 {deny | permit} {every | icmp | igmp | ip |
tcp | udp | protocol_number} {any | srcip srcmask} {any | eq
{portkey | 0-65535}{any | dstip dstmask} [eq {portkey | 0-65535}]
[
precedence precedence | tos tos tosmask | dscp dscp] [log]
[
assign-queue queue-id] [redirect unit/slot/port]
Global
Config
Create an IP ACL.
Note: The mirror
option is only
available for the S50V
and S25P.
2
interface loopback 0 Global
Config
Create the loopback
interface and access
the Interface Config
mode.
3
ip access-group ACLnumber [seq] in Interface
Config
Attach the specified
ACL to the loopback
interface.
4
show ip access-lists [ACLnumber] Privileged
Exec
Display rules
associated with the
specified ACL.
5
show interface loopback 0 Privileged
Exec
Display the loopback
configuration.