apply policy
Syntax
apply policy <POLICY-NAME> {in|routed-in}
no apply policy <POLICY-NAME> {in|routed-in}
Description
Applies a policy to the current interface or VLAN context.
Only one policy can be applied to a port or VLAN at a time, thus using the apply command on an interface or VLAN with an already-applied policy of the same direction will replace the currently applied policy.
apply
command on an interface with an already-applied policy of a different direction (in vs routed-in) will not replace the currently applied policy, but the new policy will not get applied successfully.
VLAN only supports the
in
direction, while interface VLANs only support the
routed-in
direction.
The
no
form of this command removes a policy from the interface or VLAN specified by the current context.
Command context
config-if
config-vlan
Parameters
<POLICY-NAME>
Specifies the policy to apply.
in
Specifies inbound (ingress) traffic.
routed-in
Specifies routed inbound (ingress) traffic.
Authority
Administrators
Usage
If during switch reboot, a policy fails to be applied to a VLAN, all the ports will be shut down. The switch must be restarted to recover from the failure. Modifying the VLAN or policy configuration will not cause the ports to be restarted.
Examples
Applying a policy to a port:
switch(config)# interface 1/1/1 switch(config-if)# apply policy MY_POLICY in
Removing a policy from a port:
switch(config)# interface 1/1/1 switch(config-if)# no apply policy MY_POLICY in
Applying a policy to a VLAN:
switch(config)# VLAN 10 switch(config-vlan-10)# apply policy MY_POLICY in
Removing a policy from a VLAN:
switch(config)# VLAN 10 switch(config-vlan-10)# no apply policy MY_POLICY in