Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

101

102

103

104

105

106

107

108

109

110

Congure a Route Map for Route Tagging

One method for identifying routes from dierent routing protocols is to assign a tag to routes from that protocol.

As the route enters a dierent routing domain, it is tagged. The tag is passed along with the route as it passes through dierent routing

protocols. You can use this tag when the route leaves a routing domain to redistribute those routes again. In the following example, the

redistribute ospf command with a route map is used in ROUTER RIP mode to apply a tag of 34 to all internal OSPF routes that are

redistributed into RIP.

Example of the redistribute Command Using a Route Tag

router rip

redistribute ospf 34 metric 1 route-map torip

route-map torip permit 10

match route-type internal

set tag 34

Continue Clause

Normally, when a match is found, set clauses are executed, and the packet is then forwarded; no more route-map modules are processed.

If you congure the continue command at the end of a module, the next module (or a specied module) is processed even after a match

is found. The following example shows a continue clause at the end of a route-map module. In this example, if a match is found in the

route-map “test” module 10, module 30 is processed.

NOTE

: If you congure the continue clause without specifying a module, the next sequential module is

processed.

Example of Using the continue Clause in a Route Map

route-map test permit 10

match commu comm-list1

set community 1:1 1:2 1:3

set as-path prepend 1 2 3 4 5

continue 30!

IP Fragment Handling

Dell Networking OS supports a congurable option to explicitly deny IP fragmented packets, particularly second and subsequent packets.

It extends the existing ACL command syntax with the fragments keyword for all Layer 3 rules applicable to all Layer protocols (permit/

deny ip/tcp/udp/icmp).

• Both standard and extended ACLs support IP fragments.

• Second and subsequent fragments are allowed because a Layer 4 rule cannot be applied to these fragments. If the packet is to be

denied eventually, the rst fragment would be denied and hence the packet as a whole cannot be reassembled.

• Implementing the required rules uses a signicant number of CAM entries per TCP/UDP entry.

• For IP ACL, Dell Networking OS always applies implicit deny. You do not have to congure it.

• For IP ACL, Dell Networking OS applies implicit permit for second and subsequent fragment just prior to the implicit deny.

• If you congure an explicit deny, the second and subsequent fragments do not hit the implicit permit rule for fragments.

• Loopback interfaces do not support ACLs using the IP fragment option. If you congure an ACL with the fragments option and

apply it to a Loopback interface, the command is accepted but the ACL entries are not actually installed the oending rule in CAM.

108

Access Control Lists (ACLs)