Create ACL Deny Traffic between vlan on VRF

santunez · February 19, 2024, 4:34pm

hello, everyone

In a laboratory with 2 SN2410 switches, I need to create ACL rules either with nv set or iptables, ebtables that allow me to deny traffic between VRFs

I have 150 vlans distributed in vrf, which are configured with VRR, MLAG

I need to be able to create rules that allow me to ensure that all vlan traffic that is in the vrf DEV cannot see traffic from any vlan of the VRF QA

Is it possible to create ACL rules that allow me to do the above.

Regards

epulvino · February 29, 2024, 3:54pm

VRFs are by their design isolated at L3 but this includes L2 and L1 as well. I don’t think you would need to create any ACLs to accomplish this as it is the default behavior unless you are performing VRF route leaking which was not mentioned in the query.

santunez · February 29, 2024, 4:31pm

Ok, thanks for your comments

Topic		Replies	Views
basic inter-vlan routing Ethernet Switches	1	285	September 28, 2015
Ethernet traffic mirror by ACL Switches and Gateways	1	249	December 13, 2019
Inter-vlan routing Ethernet Switches	6	1395	October 4, 2023
Bridge over VFs Adapters and Cables	2	307	February 3, 2021
Route target format for EVPN Ethernet Switches	1	279	June 23, 2024
Assign a MAC to a VLAN Ethernet Switches	3	440	August 16, 2018
SX Switch Port Security Ethernet Switches	1	303	August 7, 2013
SN2010 Layer 2 QoS for Vlan Ethernet Switches mlnx_qos	4	604	April 18, 2024
How do you avoid having all tcp/ip traffic routed through MGMT0 when your default route gateway is on the same vlan as the MGMT0 interface. Switches and Gateways mlag , gateway , management , ip-routing-mellanox-ethernet-switch , ip	1	596	October 23, 2019
Vlans configuration in mellanox qm8700 InfiniBand/VPI Switch Systems kb	2	1536	December 1, 2022

Create ACL Deny Traffic between vlan on VRF

Related topics