tidy-acl

Tidy ACL listings on ASA

Normally, a show access-list returns something like this:

access-list OUTSIDE-IN line 1 extended permit ip object-group FOO any (hitcnt=9001)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.1 any (hitcnt=9000)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.2 any (hitcnt=1)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.3 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.4 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.5 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.6 any (hitcnt=0)
  access-list OUTSIDE-IN line 1 extended permit ip host 10.42.23.7 any (hitcnt=0)
access-list OUTSIDE-IN line 2 extended permit ip object-group BAR any (hitcnt=9002)
  ...

Sometimes you just want to see the leading configuration lines. To get there, simply exclude every line containing a double whitespace:

show access-list | exclude \ \ 
access-list OUTSIDE-IN line 1 extended permit ip object-group FOO any (hitcnt=9001)
access-list OUTSIDE-IN line 2 extended permit ip object-group BAR any (hitcnt=9002)

port-channel

IEEE 802.3ad - Link aggregation on a Cisco switch

In case you are wondering, it's a stacked switch, so Gi1/0/* is one switch and Gi2/0/* is the other, aiming for maximum redundancy. The interesting part is the channel-protocol lacp statement.

This article is the counterpart of bonding.

interface Port-channel1
description Po1 (Etherchannel Gi1/0/1, Gi2/0/1)
switchport trunk encapsulation dot1q
switchport mode access
storm-control broadcast level 0.50
storm-control multicast level 0.50
spanning-tree portfast

interface GigabitEthernet1/0/1
description Server - eth0 (Po1 link 1)
switchport access vlan 2
switchport mode access
load-interval 30
storm-control broadcast level 0.50
storm-control multicast level 0.50
channel-protocol lacp
channel-group 1 mode active
spanning-tree portfast

interface GigabitEthernet2/0/1
description Server - eth1 (Po1 link 1)
switchport access vlan 2
switchport mode access
load-interval 30
storm-control broadcast level 0.50
storm-control multicast level 0.50
channel-protocol lacp
channel-group 1 mode active
spanning-tree portfast
