Reset Search
 

 

Article

Execution Sequence for EOS Policy Rules

« Go Back

Information

 
TitleExecution Sequence for EOS Policy Rules
Objective
  • Order in which policy rules are executed
     
  • Determine how a mix of permit and deny actions will behave
Environment
  • S-Series
  • N-Series
  • K-Series
  • 7100-Series
Procedure
Admin Policy Rules ('set policy rule admin-profile...') are used to classify a packet to use a specific Policy Profile/Role.
  • All rules are evaluated.  If there are multiple rule matches, the rule with the highest precedence will be applied ('show config policy').
  • Precedence has defaults that are displayed as "Rule Precedence" in the defaulted output of a 'show policy profile <profile_ID>' command. These range from the specific higher-priority MACSource classification to the general lower-priority Port classification.
  • For this rule type, Precedence may as desired - with much forethought and consideration - be modified using the 'set policy profile <profile_ID> precedence...' command. This is not generally needed and is not recommended
Non-Admin Policy Rules ('set policy rule <profile_ID>...') are used within a Profile/Role in order to take some action on a packet - VLAN assignment, Class of Service assignment, Drop, or Forward.
  • All profile rules are evaluated.  If there are multiple rule matches the rule with the highest precedence will be applied
  • One of each action can be applied (ex. 1 mirror, 1 COS, 1 PVID, etc)  
  • Precedence has defaults that are displayed as "Rule Precedence" in the defaulted output of a 'show policy profile <profile_ID>' command. These range from the specific higher-priority MACSource classification to the general lower-priority Port classification.
  • For this rule type, Precedence may as desired - with much forethought and consideration - be modified using the 'set policy profile <profile_ID> precedence...' command. This is not generally needed and is not recommended.
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255