How to Add Comments to Map Rules

You can add comments to map rules. Use comments to label the purpose of a rule or the type of traffic covered by a rule.

You can add comments to the following CLI map commands:

■   map rule add pass
■   map rule add drop
■   map gsrule add pass
■   map gsrule add drop
■   map flowrule add pass gtp
■   map flowrule add drop gtp

Map rule comments are optional on these commands.

Consider the following when adding map rule comments:

■   Use up to 128 characters, including spaces.
■   Enclose the comment in quotation marks, if the comment is longer than one word.
■   To include double quotation marks (") inside the quotation marks, precede it with a backslash (\).

Map Rule Comments Examples

The following are individual examples of valid map rule comments.

Command

(config) # map alias 1 rule add pass ipver 4 comment “Allow IPv4”

(config) # map alias 1 rule add pass macdst 11:22:33:44:55:66 00:00:00:00:00:00 comment “Allow MAC dst 11:22:33:44:55:66”

(config) # map alias 1 rule add drop ipver 6 comment “Drop IPv6”

(config) # map alias 1 rule add drop macdst 11:22:33:44:55:66 00:00:00:00:00:00 comment “Drop MAC dst 11:22:33:44:55:66”

(config) # map alias 1 gsrule add pass ipver any value 4 comment "Allow IPv4"

(config) # map alias 1 gsrule add drop ipv6 flow-label any value 6 comment "Drop IPv6"

(config) # map alias 1 flowrule add pass gtp imsi 123456 comment "Allow imsi 123456"

(config) # map alias 1 flowrule add drop gtp imsi 123456 comment "Drop imsi 123456"

(config) # map alias 1 rule add pass ipver 4 comment “Allow \“IPv4\””

Note:   Error messages are displayed when a comment is invalid, for example:

■   if the comment is longer than one word and does not include double quotation marks
■   if the comment is longer than 128 characters
■   if the rule with which the comment is included is not valid

 

Map Rule Logic Examples

For example, the rules shown in the following table are both set up with criteria for vlan 100 and portsrc 23.

■   The first example combines the two criteria into a single rule. This joins the criteria with a logical AND.
■   The second example creates two separate rules – one for each of the criteria. This joins the criteria with a logical OR.

 

CLI Commands

Description

Criteria in Single Rule Joined with AND

(config map alias mymap) # rule add pass vlan 100 portsrc 23

Creates single rule with two criteria – VLAN ID 100 and source leader in a bidirectional clock relationship (formerly master) port 23.

Because the criteria are in a single rule, they are joined with a logical AND. This means that a packet must match both VLAN 100 and portsrc 23 to match this rule.

Multiple Rules Joined with OR

(config map alias mymap) # rule add pass vlan 100

Creates a rule in the map called mymap for VLAN ID 100.

(config map alias mymap) # rule add pass portsrc 23

Creates a rule in the map called mymap for source port 23.

Because the criteria are in separate rules, they are joined with a logical OR. This means that a packet can match either VLAN 100 or portsrc 23 to match this map.