HP Mellanox SX1018 Mellanox MLNX-OS® User Manual for SX1018HP Ethernet - Page 80

Port Mirroring



Rev 1.6.9
Mellanox Technologies
80
Mellanox Technologies Confidential
5.9.2 ACL Actions

An ACL action is a set of actions that can be activated when a packet hits the ACL rule.

To modify the VLAN tag of the egress traffic as part of the ACL “permit” rule:

Step 1. Create an access-list action profile:
  a. Create an action access-list profile using the command access-list action <action-profile-name>
  b. Add a rule to map a VLAN using the command vlan-map <vlan-id> within the action profile configuration mode
Step 2. Create an access-list and bind the action rule:
  a. Create an access-list profile using the command ipv4/mac access-list
  b. Add an access-list rule using the command deny/permit (action <action profile name>)
Step 3. Bind the access-list to an interface using the command ipv4/mac port access-group

Create an action profile and add a VLAN mapping action:
switch (config) # access-list action my-action
switch (config access-list action my-action) # vlan-map 20
switch (config access-list action my-action) # exit

Create an access list and bind rules:
switch (config) # mac access-list my-list
switch (config mac access-list my-list) # permit any any action my-action
switch (config mac access-list my-list) # exit

Bind an access-list to a port:
switch (config) # interface ethernet 1/1
switch (config interface ethernet 1/1) # mac port access-group my-list

5.10 Port Mirroring

Port mirroring enables data plane monitoring functionality which allows the user to send an entire traffic stream for testing. Port mirroring sends a copy of the packets of a port’s traffic stream, called the “mirrored port”, to an analyzer port. Port mirroring is used for network monitoring. It can be used for intrusion detection, security breaches, latency analysis, capacity and performance matters, and protocol analysis.

Figure 10 provides an overview of the mirroring functionality.

Figure 10: Overview of Mirroring Functionality
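The three-step ACL action procedure in section 5.9.2 only takes effect when the action profile, the rule that references it, and the port binding all agree on names. The following is an added example, not part of the manual or of MLNX-OS: a Python check that cross-references those three steps in a CLI transcript. It assumes the transcript uses the prompt and command forms printed on this page; the names audit and SAMPLE are hypothetical, and treating a profile without a vlan-map as a finding is an assumption of this example.

```python
import re

# Constructed sample: the page's example commands plus a rule naming an undefined profile.
SAMPLE = """\
switch (config) # access-list action my-action
switch (config access-list action my-action) # vlan-map 20
switch (config access-list action my-action) # exit
switch (config) # mac access-list my-list
switch (config mac access-list my-list) # permit any any action my-action
switch (config mac access-list my-list) # permit any any action typo-action
switch (config mac access-list my-list) # exit
switch (config) # interface ethernet 1/1
switch (config interface ethernet 1/1) # mac port access-group my-list
"""
PROMPT = re.compile(r"^\s*switch\s*\([^)]*\)\s*#\s*", re.I)  # prompt spacing varies on the page

def audit(transcript):
    """Cross-check the three configuration steps; return (findings, bindings)."""
    # actions: profile -> VLAN, lists: ACL -> rules, mode: (kind, name) of current CLI mode
    actions, lists, bindings, mode = {}, {}, [], None
    for line in transcript.splitlines():
        cmd = PROMPT.sub("", line).strip()
        if m := re.fullmatch(r"access-list action (\S+)", cmd):
            mode = ("action", m[1])
            actions.setdefault(m[1], None)
        elif m := re.fullmatch(r"(?:ipv4|mac) access-list (\S+)", cmd):
            mode = ("list", m[1])
            lists.setdefault(m[1], [])
        elif m := re.fullmatch(r"interface ethernet (\S+)", cmd):
            mode = ("port", m[1])
        elif cmd == "exit":
            mode = None
        elif mode and mode[0] == "action" and (m := re.fullmatch(r"vlan-map (\d+)", cmd)):
            actions[mode[1]] = int(m[1])
        elif mode and mode[0] == "list" and (m := re.match(r"(permit|deny)\b", cmd)):
            ref = re.search(r"\baction (\S+)$", cmd)
            lists[mode[1]].append((m[1], ref[1] if ref else None))
        elif mode and mode[0] == "port" and (m := re.fullmatch(r"(?:ipv4|mac) port access-group (\S+)", cmd)):
            bindings.append((mode[1], m[1]))
    findings = []
    for name, rules in lists.items():
        for verb, ref in rules:
            if ref and ref not in actions:
                findings.append(f"{name}: {verb} rule uses undefined action profile {ref}")
            elif ref and actions[ref] is None:
                findings.append(f"{name}: action profile {ref} has no vlan-map")
    bound = {acl for _, acl in bindings}
    findings += [f"{port}: access-group {acl} is undefined" for port, acl in bindings if acl not in lists]
    findings += [f"{name}: access-list is not bound to an interface" for name in lists if name not in bound]
    return findings, bindings
```

Calling audit(SAMPLE) reports the rule that names typo-action; the page's own commands alone produce no findings.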