traffic-policy(BAS interface view)
Function
The traffic-policy command applies a traffic policy to Layer 2 or Layer 3 leased line users.
The undo traffic-policy command cancels the application of a traffic policy to Layer 2 or Layer 3 leased line users.
By default, no traffic policy is applied to Layer 2 or Layer 3 leased line users.
This command is supported only on the NetEngine 8000 F1A.
Usage Guidelines
Usage Scenario
When enterprise users access the Router over a Layer 3 leased line, each enterprise belongs to a VPN. To allow access control between users in an enterprise, run the traffic-policy command to apply a traffic policy to a BAS interface for each user. When Layer 2 or Layer 3 leased line users are not authenticated, applying a traffic policy to a BAS interface is also required to allow access control between Layer 2 or Layer 3 leased line users.
Prerequisites
- A traffic policy has been created.
- The BAS interface has been configured as a Layer 2 or Layer 3 leased line interface.
Precautions
This command is mutually exclusive with the match-type vxlan-qos-local-id enable command.
Example
<HUAWEI> system-view [~HUAWEI] traffic policy abc [*HUAWEI-trafficpolicy-abc] commit [~HUAWEI-trafficpolicy-abc] quit [~HUAWEI] interface GigabitEthernet 0/1/2 [~HUAWEI-GigabitEthernet0/1/2] bas [*HUAWEI-GigabitEthernet0/1/2-bas] display this access-type layer3-leased-line user-name sr-test-eth password cipher %@%##!!!!!!!!!"!!!!"!!!!(!!!!1];16qfZ81fv"uMoKKZ.1k"`AO!X2K2N.b~'NB^V!!!!!!!!!!1!!!!o/4J(q"J1F.!K9%M!6x8%@%# default-domain authentication enterprise_sr qos-profile sr1_qos inbound qos-profile sr1_qos outbound # [*HUAWEI-GigabitEthernet0/1/2-bas] traffic-policy abc inbound