关于北电(nortel)的traffic filter问题
公司需要10.168.22.0/24网段的人访问服务器10.168.2.82,但是公司在core交换机上做了下面的策略:ip traffic-filter create destination dst-ip 10.168.2.0/255.255.255.0 src-ip 10.168.22.0/255.255.255.0 id 600
ip traffic-filter filter 600 action mode drop
ip traffic-filter filter 600 action statistic enable
ip traffic-filter filter 600 name "Limit-HEHE"
ip traffic-filter set 304 create name "Limit-HEHE"
ip traffic-filter set 304 add-filter 197
ip traffic-filter set 304 add-filter 198
ip traffic-filter set 304 add-filter 199
ip traffic-filter set 304 add-filter 600
ip traffic-filter set 304 add-filter 601
ip traffic-filter set 304 add-filter 602
ethernet 2/1 ip traffic-filter create
ethernet 2/1 ip traffic-filter add set 300
ethernet 2/1 ip traffic-filter add set 301
ethernet 2/1 ip traffic-filter add set 302
ethernet 2/1 ip traffic-filter add set 303
ethernet 2/1 ip traffic-filter add set 304
ethernet 2/1 ip traffic-filter add set 305
ethernet 2/1 ip traffic-filter add set 306
ethernet 2/1 ip traffic-filter add set 307
ethernet 2/1 ip traffic-filter add set 308
ethernet 2/1 ip traffic-filter add set 309
ethernet 2/1 ip traffic-filter add set 310
ethernet 2/1 ip traffic-filter add set 311
ethernet 2/1 ip traffic-filter default-action forward
现在如果想要10.168.22.0/24网段的人访问服务器10.168.2.82,需要怎么添加traffic filter呢?是和思科ACL一样
没玩过北电的不清楚,只能帮你顶一下 thanks for sharing
页:
[1]