×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Port-channel sub interfaces and acl's

Unanswered Question
Jul 3rd, 2001
User Badges:

On our 7206VXR I have multiple Port-channel sub

interfaces...i.e ->


interface Port-channel1

no ip address

ip route-cache flow

duplex full

hold-queue 150 in

!

interface Port-channel1.10

description Upstream_ISP_1

encapsulation dot1Q 10

ip address xxx.xxx.xxx.xxx 255.255.255.252

!

interface Port-channel1.20

description Upstream_ISP_2

encapsulation dot1Q 20

ip address xxx.xxx.xxx.xxx 255.255.255.252

!

interface Port-channel1.100

description Colo_Customer_A

encapsulation dot1Q 100

ip address xxx.xxx.xxx.xxx 255.255.255.248

!

interface Port-channel1.700

description Fibre-Client_A

encapsulation dot1Q 700

ip address xxx.xxx.xxx.xxx 255.255.255.252

!


And these are only going to increase!

Is it possible to apply ACL's to individual Port-channel sub interfaces

?

I wanted to implement a generic deny ACL on all sub interfaces that

would deny things like netbios traffic, non-routable IP's, and

definitely telnet access to the router!


Any suggestions/Comments would greatly be appreciated!


Regards,

MB

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
beth-martin Mon, 07/09/2001 - 14:46
User Badges:
  • Bronze, 100 points or more

I don’t have port-channel configured to test for you. Is it not taking the commands? If not, try submitting an enhancement request through Cisco.

mbellears Mon, 07/09/2001 - 15:02
User Badges:

Thanks for the reply.


Assigning an ACL to one of the port-channel's sub interfaces seems apply that ACL to all port-channels...which is definitely not what I want! ;)


Regards,

MB

Actions

This Discussion