Can't find what you need?


• Ask the Community
• Create a Case
Reset Search
 

 

Article

Different ACL display after NI 5.7 and acl-policy

« Go Back

Information

 
TitleDifferent ACL display after NI 5.7 and acl-policy
Question
From 5.7 onwards, there is some change on the ACL display option.By default, there is no sequence numbers displayed in "show run" after initial configuration. Butwhen there is additional ACL lines configured, the seq numbers will show up. This could cause script parsing issues. Below is the comparison of 5.6g and 5.7e.

In 5.6g

telnet@MLX.5600g(config)# mac access-list test
telnet@MLX.5600g(config-mac-acl-test)# perm any any 10 etype any
telnet@MLX.5600g(config-mac-acl-test)# perm any any 20 etype any

telnet@MLX.5600g(config-mac-acl-test)# show run | beg mac acc
mac access-list test
sequence 10 permit any any 10 etype any
sequence 20 permit any any 20 etype any
!

telnet@MLX.5600g(config-mac-acl-test)# seq 5 perm any any 100 etype any
telnet@MLX.5600g(config-mac-acl-test)# seq 50 perm any any 1000 etype any
telnet@MLX.5600g(config-mac-acl-test)# show run | beg mac acc
mac access-list test
sequence 5 permit any any 100 etype any
sequence 10 permit any any 10 etype any
sequence 20 permit any any 20 etype any
sequence 50 permit any any 1000 etype any

In 5.7e

telnet@MLX.5700e(config)# mac acc test.1
telnet@MLX.5700e(config-mac-acl-test.1)# perm any any 10 etyp any
telnet@MLX.5700e(config-mac-acl-test.1)# perm any any 20 etyp any
telnet@MLX.5700e(config-acl-policy)# show run | beg mac acc
mac access-list test.1
permit any any 10 etype any
permit any any 20 etype any
....
telnet@MLX.5700e(config-acl-policy)# mac acc test.1
telnet@MLX.5700e(config-mac-acl-test.1)# seq 5 perm any any 50 etyp any
telnet@MLX.5700e(config-mac-acl-test.1)# seq 50 perm any any 1000 etyp any
telnet@MLX.5700e(config-mac-acl-test.1)# mac acc test.1
telnet@MLX.5700e(config-mac-acl-test.1)# show run | beg mac acc
mac access-list test.1
sequence 5 permit any any 50 etype any
permit any any 10 etype any
permit any any 20 etype any
sequence 50 permit any any 1000 etype any

Environment
Answer
From 5.7e, there is a new display option added under acl-policy. After that, the display of ACL is same as previous releases.

telnet@MLX.5700e(config-mac-acl-test.1)# acl-policy
telnet@MLX.5700e(config-acl-policy)# display-def-acl-seq
telnet@MLX.5700e(config-acl-policy)# show run | beg mac acc
mac access-list test.1
sequence 5 permit any any 50 etype any
sequence 10 permit any any 10 etype any
sequence 20 permit any any 20 etype any
sequence 50 permit any any 1000 etype any
!
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255