apply policy(Contexts:config-if,config-if-vlan,config-vlan)

Syntax

背景:config-if:

apply policy{in|out|routed-in} no apply policy{in|out|routed-in}

背景:config-if-vlan:

apply policyrouted-in no apply policyrouted-in

背景:config-vlan:

apply policy{in|out} no apply policy{in|out}

Description

Applies a policy to the current interface or VLAN context.

Only one direction of a policy can be applied to an interface or VLAN at a time, thus using the apply command on an interface or VLAN with an already-applied policy of the same direction will replace the currently applied policy.

NOTE:

VLAN上下文支持inandoutdirections, which apply to both bridged and routed traffic. The Interface VLAN context only supports therouted-indirection which applies only to routed traffic.

Thenoform of this command removes a policy from the interface or VLAN specified by the current context.

Command context

config-if

config-if-vlan

config-vlan

Parameters

Specifies the policy to apply.

in

Selects the inbound (ingress) traffic direction.

out

Selects the outbound (egress) traffic direction.

routed-in

Selects routed in traffic.

Authority

Administrators or local user group members with execution rights for this command.

Usage (applies to config-vlan context)

  • Only one policy may be applied to a VLAN at a time. Therefore, using theapply policycommand on a VLAN with an already-applied policy of the same type, will replace the applied policy.

  • 6400 Switch Series only: When a policy is applied to a VLAN, it will create hardware entries on all line cards and stack members regardless of whether a VLAN member exists on any specific line card.

Examples

On the 6400 Switch Series, interface identification differs.

Applying a policy to an interface (ingress):

switch(config)#interface 1/1/1switch(config-if)#apply policy MY_POLICY in

Applying a policy to an interface (egress):

switch(config)#interface 1/1/2switch(config-if)#apply policy MY_POLICY2 out

Applying a policy to an interface range (egress):

switch(config)#interface 1/1/2-1/1/5switch(config-if-<1/1/2-1/1/5>)#apply policy MY_POLICY3 out

Removing a policy from an interface range (egress)

switch(config)#1/1/2-1/1/5switch(config-if)#no apply policy MY_POLICY3 out

Applying a policy to a VLAN (ingress):

switch(config)#vlan 10switch(config-vlan-10)#apply policy MY_POLICY in

Applying a policy to multiple VLANs (egress):

switch(config)#vlan 20,30switch(config-vlan-<20,30>)#apply policy MY_POLICY2 out

Applying a policy to an interface VLAN range routed (ingress):

switch(config)#vlan 2-5switch(config-if-vlan-<2-5>)#apply policy MY_POLICY3 routed-in

Removing a policy from a VLAN (ingress):

switch(config)#vlan 10switch(config-vlan-10)#no apply policy MY_POLICY in