User guide

ManualsBrandsExtreme Networks ManualsComputer equipmentSummit Summit4

Routing Access Policy Commands

Summit24e3 Switch Installation and User Guide 109

Routing Access Policy Commands

Table 26 describes the commands used to configure routing access policies.

Table 26: Routing Access Policy Configuration Commands

Command Description

config access-profile <access_profile> add

{<seq_number>} {permit | deny} [ipaddress

<ipaddress> <mask> {exact}]

Adds an entry to the access profile. The explicit

sequence number, and permit or deny attribute

should be specified if the access profile mode is

none.

Specify one of the following:

• <seq-number> — The order of the entry

within the access profile. If no sequence

number is specified, the new entry is added to

the end of the access-profile and is

automatically assigned a value of 5 more than

the sequence number of the last entry.

• permit | deny — Per-entry permit or

deny specification. The per-entry attribute only

takes effect if the access-profile mode is

none. Otherwise, the overall access profile

type takes precedence.

• <ipaddress> <mask> — An IP address

and mask. If the attribute “exact” is specified

for an entry, then a exact match with address

and mask is performed, subnets within the

address range do not match entry against

entry.

•

config access-profile <access_profile> delete

<seq_number>

Deletes an access profile entry using the

sequence number.

config access-profile <access_profile> mode

[permit | deny | none]

Configures the access profile to be one of the

following:

• permit — Allows the addresses that match

the access profile description.

• deny — Denies the addresses that match the

access profile description.

• none — Permits and denies access on a

per-entry basis. Each entry must be added to

the profile as either type permit or deny.

The default setting is permit.

config ospf area <area_id> external-filter

[<access_profile> | none]

Configures the router to use the access policy to

determine which external routes are allowed to

be exported into the area. This router must be an

ABR.

config ospf area <area_id> interarea-filter

[<access_profile> | none]

Configures the router to use the access policy to

determine which inter-area routes are allowed to

be exported into the area. This router must be an

ABR.