Extreme Networks

Alexandr_P · ‎12-17-2014

Hello, colleagues!

I have LAG, for example ports 10-14
#enable sharing 10 grou 10-14 alg address-based L3
I have ACL:
entry ACL{
if {
} then {
redirect-port 10;
} }
#configure access-list ACL ports 1-4 ingress

As I understand traffic have to go not only for port 10, but exit from ports 10-14 based on address-based L3 algorithm.
As I'm right?
Is there some conditions for this ACL? (same vlan in ingress and redirect ports, somthing else)

Main problem that I can see traffic is come to ingress ports (1-4) - counters is groing.
But I can't see traffic in egress ports (10-14).

Any ideas or advices?

Thank you!

PARTHIBAN_CHINN · ‎12-17-2014

entry ACL{
if {

sourceip
dstip <>
} then {
redirect-port -list 10,11,12,13,14;
} }
We can have multiple entries to achieve the end result.

Alexandr_P · ‎12-17-2014

Also, as I know - redirect-port-list is duplikate (propagates) traffic to each port of port-list.

Alexandr_P · ‎12-17-2014

OK.

and how traffic will be balancing on src-ip/dst-ip condition?

PARTHIBAN_CHINN · ‎12-17-2014

Remove the static lag and try the below acl.

entry ACL{
if {
} then {
redirect-port -list 10,11,12,13,14;
} }

Alexandr_P · ‎12-17-2014

this traffic can be in specific vlan or not.
this traffic mirroring from other device to X670 and I have to transmit this traffic onwards to 4 different monitoring devices.

Thats why I built static LAG (but not lacp) with 4 ports. And this traffic have to go to monitoring device. But 1 device have to receive traffic with the same src-IP/dst-IP. This can done by L3 balancing.

Thats why I can configure VLANs on X670 as I want - the same VLAN, or different vlans.

Scheme like this:

Extreme Networks

ACL redirect-port

ACL redirect-port