https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17892#M665 Create Date: Jun 19 2012 7:29PM<BR /> <BR /> Thank you P,<BR /> <BR /> I thought that the redirect-port would replace all the L2/L3 forwarding decisions.<BR /> <BR /> The next-hop IP is also an option.<BR /> <BR /> Regards,<BR /> <BR /> Leandro<BR /> <BR /> <BR /> <BR /> Sorry about the "Report Post".....I misunderstood!<BR /> <BR /> (from Leandro_Brito) Wed, 08 Jan 2014 05:53:00 GMT EtherNation_Use 2014-01-08T05:53:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17890#M663 Create Date: Jun 19 2012 5:41AM<BR /> <BR /> Dear all,<BR /> <BR /> I have the following ACL (acl1.pol) applied into port 25:<BR /> <BR /> configure access-list acl1 ports 25 ingress<BR /> <BR /> acl1.pol info: <BR /> <BR /> entry 1 {<BR /> <BR /> if {<BR /> <BR /> source-address 10.80.17.182/32;<BR /> <BR /> }<BR /> <BR /> then {<BR /> <BR /> redirect-port 2<BR /> <BR /> }<BR /> <BR /> }<BR /> <BR /> entry 2 {<BR /> <BR /> if {<BR /> <BR /> destination-address 10.80.17.182/32;<BR /> <BR /> }<BR /> <BR /> then {<BR /> <BR /> redirect-port 2<BR /> <BR /> }<BR /> <BR /> }<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> It works fine when both source and destination ports (25 and 2) are on the same vlan.<BR /> <BR /> This is a Lab that I'm trying to reproduce, on which I'll need that the port 25 remains on a different vlan.<BR /> <BR /> When I just change it's vlan, I stopped receiving the traffic on redirected-port (#2).<BR /> <BR /> Any ideas on what can be done?<BR /> <BR /> <BR /> <BR /> Regards,<BR /> <BR /> Leandro<BR /> <BR /> (from Leandro_Brito) Wed, 08 Jan 2014 05:53:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17890#M663 EtherNation_Use 2014-01-08T05:53:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17891#M664 Create Date: Jun 19 2012 6:27AM<BR /> <BR /> Hey Leandro<BR /> <BR /> The ACL you have below is for L2 which means that the ports will need to be on the same VLAN just like any other L2 traffic i.e broadcast.<BR /> <BR /> If you want to go across VLANs than you need to route the traffic with L3. The concepts guide has an example but essentially instead of the physical port you would add the next hop IP.<BR /> <BR /> Hope that helps.<BR /> <BR /> P (from Paul_Russo) Wed, 08 Jan 2014 05:53:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17891#M664 EtherNation_Use 2014-01-08T05:53:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17892#M665 Create Date: Jun 19 2012 7:29PM<BR /> <BR /> Thank you P,<BR /> <BR /> I thought that the redirect-port would replace all the L2/L3 forwarding decisions.<BR /> <BR /> The next-hop IP is also an option.<BR /> <BR /> Regards,<BR /> <BR /> Leandro<BR /> <BR /> <BR /> <BR /> Sorry about the "Report Post".....I misunderstood!<BR /> <BR /> (from Leandro_Brito) Wed, 08 Jan 2014 05:53:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17892#M665 EtherNation_Use 2014-01-08T05:53:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17893#M666 Create Date: Jun 20 2012 7:45AM<BR /> <BR /> Hey Leandro<BR /> <BR /> Redirect does bypass L2/L3 but only within the limits of L2/L3 for example using L2 you can redirect traffic to another port on that VLAN for L3 you can bypass the normal L3 route table and send traffic to another next hop.<BR /> <BR /> What you can't do is go between L2 VLANs by just bridging. Normal L2 switching still applies.<BR /> <BR /> Does that help?<BR /> <BR /> P (from Paul_Russo) Wed, 08 Jan 2014 05:53:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17893#M666 EtherNation_Use 2014-01-08T05:53:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17894#M667 Create Date: Jun 20 2012 7:48AM<BR /> <BR /> Hey Leandro<BR /> <BR /> Redirect does bypass L2/L3 but only within the limits of L2/L3 for example using L2 you can redirect traffic to another port on that VLAN for L3 you can bypass the normal L3 route table and send traffic to another next hop.<BR /> <BR /> What you can't do is go between L2 VLANs by just bridging. Normal L2 switching still applies. <BR /> <BR /> Does that help?<BR /> <BR /> P (from Paul_Russo) Wed, 08 Jan 2014 05:53:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17894#M667 EtherNation_Use 2014-01-08T05:53:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17895#M668 Create Date: Jun 21 2012 12:12PM<BR /> <BR /> The next-hop option will be great for me!<BR /> <BR /> Thank you!<BR /> <BR /> (from Leandro_Brito) Wed, 08 Jan 2014 05:53:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/acl-redirect-port-issue/m-p/17895#M668 EtherNation_Use 2014-01-08T05:53:00Z