15-27
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 15 Configuring Access Control
Using VACLs in Your Network
To redirect the broadcast traffic to a specific server port, perform this task in privileged mode (TCP
port 5000 is the intended server application port):
Note You could apply the same concept to direct the broadcast traffic to a multicast destination by redirecting
the traffic to a group of ports (see Figure 15-5).
Figure 15-5 Redirecting Broadcast Traffic to a Specific Server Port
Restricting the DHCP Response for a Specific Server
When the Dynamic Host Configuration Protocol (DHCP) requests are broadcast, they reach every DHCP
server in the VLAN and multiple responses are returned. With the VACLs, you can restrict the response
from a specific DHCP server and drop the other responses.
Task Command
Step 1
Redirect the broadcast packets. set security acl ip SERVER redirect 4/1 tcp any host
255.255.255.255 eq 5000
Step 2
Permit all other traffic. set security acl ip SERVER permit ip any any
Step 3
Commit the VACL. commit security acl SERVER
Step 4
Map the VACL to VLAN 10. set security acl map SERVER 10
To Next Page
Loading...
Need help?
General