Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1174
Views
0
Helpful
3
Replies

Updating ACL on a class-map

Go to solution
mac_mac_net83
Level 1
Level 1

‎01-02-2019 07:58 AM

HI Folks, 

Happy New Year to All, 

I have just one question below. 

 

If I have an existing QoS setup and is currently tied up on an interface, I want to update the ACLs, that are reference to the class-map, if I add another entry to match new IP addresses , what is the best practice here? Can it match the new entries without removing the policy-map on the interfaces? The problem I have here is that the policy map is already attached to a lot of interface so it could be some administrative burden if I need to remove the policy-maps. 

 

Any inputs are appreciated. 

Mark

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎01-02-2019 04:05 PM

Hello Mark,

Happy New Year to you as well!

You did not mention what is the exact device type and the operating system version you are running there which could be of some importance. However, ordinarily, you can safely modify the ACLs that are referenced by class-maps, and the changes will take effect immediately. It is not necessary to remove and reapply the policy-maps for these classes.

Please feel welcome to ask further!

Best regards,
Peter

View solution in original post

0 Helpful

Go to solution
rasmus.elmholt
Level 7
Level 7

‎01-03-2019 07:39 AM

Hi

You should be able to add new ACEs where they are needed using the sequence numbers in an ACL on the fly.
And than resequence the ACL afterwards if needed.

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-acl-seq-num.html

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎01-02-2019 04:05 PM

Hello Mark,

Happy New Year to you as well!

You did not mention what is the exact device type and the operating system version you are running there which could be of some importance. However, ordinarily, you can safely modify the ACLs that are referenced by class-maps, and the changes will take effect immediately. It is not necessary to remove and reapply the policy-maps for these classes.

Please feel welcome to ask further!

Best regards,
Peter

0 Helpful

Go to solution
mac_mac_net83
Level 1
Level 1
In response to Peter Paluch

‎01-03-2019 07:35 AM

Hi Peter, mostly Cisco ASRs , IOS version 9.03.16.04b.S.155-3.S4b-ext
0 Helpful

Go to solution
rasmus.elmholt
Level 7
Level 7

‎01-03-2019 07:39 AM

Hi

You should be able to add new ACEs where they are needed using the sequence numbers in an ACL on the fly.
And than resequence the ACL afterwards if needed.

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-acl-seq-num.html
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card