03-22-2022 06:16 AM
I am trying to use netconf to configure ACLs on IOS XE devices. Is there a way to not specify the sequence number and just have it use the next one up like it does in regular CLI? Line 2 below, I'd rather just not specify a sequence number and have it choose one. Any way to do this?
<access-list-seq-rule> <sequence>2</sequence> <ace-rule> <action>deny</action> <protocol>ip</protocol> <ipv4-address>172.16.1.0</ipv4-address> <mask>0.0.0.15</mask> <dest-ipv4-address>172.16.2.0</dest-ipv4-address> <dest-mask>0.0.0.31</dest-mask> </ace-rule> </access-list-seq-rule>
Solved! Go to Solution.
03-22-2022 05:40 PM
Hi Seth
Based on the YANG model the “sequence” is a key of the list “access-list-seq-rule”:
list access-list-seq-rule {
key "sequence";
leaf sequence {
description
"Sequence number for this entry";
type uint64 {
range "1..4294967294";
}
}
So, you cannot skip it while configuring the ACL.
Yan
03-22-2022 05:40 PM
Hi Seth
Based on the YANG model the “sequence” is a key of the list “access-list-seq-rule”:
list access-list-seq-rule {
key "sequence";
leaf sequence {
description
"Sequence number for this entry";
type uint64 {
range "1..4294967294";
}
}
So, you cannot skip it while configuring the ACL.
Yan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: