Cisco ACE-4710-K9 Administration Guide - Page 123
Service Policies - source nat
View all Cisco ACE-4710-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 123 highlights
Chapter 4 Configuring Class Maps and Policy Maps Class Map and Policy Map Overview 5. Application protocol inspection 6. Source NAT 7. Destination NAT The sequence in which the ACE applies the actions for a specific policy are independent of the actions configured for a class inside a policy. Service Policies You activate policies on a single VLAN interface or globally to all VLAN interfaces associated with a context by using the service-policy command. The service-policy command attaches the traffic policy to each specified VLAN interface. The ACE evaluates all network traffic on the specified interface according to the actions specified in the named traffic policy. Policies and associated actions specify the behavior that you want applied to a traffic class. Policy maps that are applied globally in a context are also internally applied to all interfaces that exist in the context. A policy that has been activated on the interface overwrites global policies for overlapping classifications and actions. The ACE allows only one policy of a specific feature type to be activated on a VLAN interface. Because you can apply many policies of different features on a specific interface, policy lookup ordering in the ACE is important (see the "Policy Maps" section). For example, to specify an interface VLAN and apply multiple service policies to the VLAN, enter: host1/Admin(config)# interface vlan 50 host1/Admin(config-if)# ip address 172.16.1.100 255.255.255.0 host1/Admin(config-if)# service-policy input L4_HTTP_SLB_POLICY host1/Admin(config-if)# service-policy input L4_MGMT_POLICY OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 4-9