Example: egress length matching access list¶
r1
hostname r1
access-list test4
deny all any all any all len 100-200
permit all any all any all
exit
access-list test6
deny all any all any all len 100-200
permit all any all any all
exit
vrf def v1
rd 1:1
exit
int eth1
vrf for v1
ipv4 addr 1.1.1.1 255.255.255.252
ipv6 addr 1234::1 ffff:ffff::
ipv4 access-group-out test4
ipv6 access-group-out test6
exit
r2
hostname r2
vrf def v1
rd 1:1
exit
int eth1
vrf for v1
ipv4 addr 1.1.1.2 255.255.255.252
ipv6 addr 1234::2 ffff:ffff::
exit
r2 tping 100 5 1.1.1.1 vrf v1 siz 50
r2 tping 100 5 1234::1 vrf v1 siz 50
r1 tping 100 5 1.1.1.2 vrf v1 siz 50
r1 tping 100 5 1234::2 vrf v1 siz 50
r2 tping 0 5 1.1.1.1 vrf v1 siz 110
r2 tping 0 5 1234::1 vrf v1 siz 110
r1 tping 0 5 1.1.1.2 vrf v1 siz 110
r1 tping 0 5 1234::2 vrf v1 siz 110
r2 tping 100 5 1.1.1.1 vrf v1 siz 250
r2 tping 100 5 1234::1 vrf v1 siz 250
r1 tping 100 5 1.1.1.2 vrf v1 siz 250
r1 tping 100 5 1234::2 vrf v1 siz 250
- Install ContainerLab as described here
- Fetch crypt-acl18 file
- Launch ContainerLab
crypt-acl18.yml
topology:
containerlab deploy --topo crypt-acl18.yml
crypt-acl18.yml
topology:
containerlab destroy --topo crypt-acl18.yml