Supported filter policy types

Filter policies configurable in the NFM-P
Table 51-1: NFM-P filter policies

Filter policy type

Purpose

See

ACL Aggregate filter policy

This policy provides a container for configured filter policies. The following can be assigned to an ACL Aggregate filter policy:

  • ACL MAC filter policy

  • ACL IP filter policy

  • ACL IPv6 filter policy

To configure an ACL Aggregate filter policy

ACL MAC filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface and service tunnel based on MAC matching criteria and the forwarding action.

To configure an ACL MAC filter policy

ACL IP filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of a network or access IP interface or service tunnel based on IPv4 matching criteria and the forwarding action.

To configure an ACL IP filter policy

ACL IPv6 filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface or service tunnel based on IPv6 matching criteria and the forwarding action.

To configure an ACL IPv6 filter policy

ACL IP Exception filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface in an NGE or cellular domain based on protocol-specific matching criteria and source and destination information.

To configure an ACL IP exception filter policy

ACL IPv6 Exception filter policy

This policy is an ACL IP exception filter for IPv6: it defines the network traffic filtering criteria used to allow or deny network traffic into or out of an interface based on protocol-specific matching criteria and source and destination information.

To configure an ACL IPv6 exception filter policy

IP Prefix list filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface based on a defined list of IP Prefix list members.

To configure an IP Prefix List policy

Port list filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface based on a defined list of port list members.

To configure a Port List policy

DHCP filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of IES and VPRN group interfaces based on DHCP matching criteria.

To configure a DHCP Filter policy

DHCPv6 filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of IES and VPRN group interfaces based on DHCPv6 matching criteria.

To configure a DHCPv6 filter policy

Redirect filter policy

This policy allows specifying multiple redirect target destinations and defining health check test methods used to validate the ability for a given destination to receive redirected traffic.

To configure a Redirect Filter policy

Redirect policy binding

Redirect policy bindings allow configuration of an association between destination addresses in Rredirect policies, so that results of Ping tests can be shared.

To configure a Redirect Policy Binding

ACL VLAN filter policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic on network ports of a ring card based on a defined VLAN range.

To configure an ACL VLAN Filter policy

System filter policy

This policy allows operators to configure a filter chain for packet matching. In this chain, an active system filter policy rules are evaluated first. If no match occurs, then rules specified by any chained filter policies are evaluated.

To configure a System Filter

Embedded and embedding filter policies

An embedded filter policy allows users to define a common set of filter policy rules that can then be nested in one or more other filter policies. The filters that support the embedded filter policies are referred to as embedding filter policies.

To configure an embedding filter with embedded filter policies

Syslog policy

This policy defines the destination details for log messages such as the target address and target UDP port, when the ACL Filter Log policy specifies a Syslog destination for storing log information.

To configure a Syslog policy

ACL Filter Log policy

This policy defines where log information for all actions performed on 7210 SAS, 7705 SAR, and 7x50 NEs that match ACL MAC, ACL IP, and ACL IPv6 filter entry criteria are written (memory or Syslog), how many log entries can be stored, and what action is performed when the log files meet the specified threshold.

To configure a ACL Filter Log policy

GRE tunnel template policy

GRE tunnel template policies specify a set of GRE encapsulation parameters to use when the primary action for ACL IP and ACL IPv6 filter policies is set to Forward (GRE Tunnel). GRE Tunnel Templates are assigned to ACL IP filter policies and ACL IPv6 filter policies.

To configure a GRE tunnel template

Protocol List policy

This policy defines the network traffic filtering criteria used to allow or deny network traffic into or out of an access interface based on a defined list of protocols.

To configure a protocol list policy