Inserting a New Identifier

You can enter most statements and identifiers in any order. Regardless of the order in which you enter the configuration statements, the CLI always displays the configuration in a strict order. However, in a few cases the ordering of the statements matters because the configuration statements create a sequence that is analyzed in order.

For example, rules for interface, subscriber, and DHCP classification scripts are evaluated in the order in which they appear in the configuration. If you add a rule that you want to be evaluated before an existing rule, you need to modify the ordering of the rules. To modify a portion of the configuration in which the statement order matters:

If you do not use the insert command, but instead simply configure the identifier, it is placed at the end of the list of similar identifiers.

You use the insert command to reorder identifiers that you have already configured.

Examples: Inserting a New Identifier

Add a new subscriber classification rule and insert it before existing rules at the [edit shared sae user-classifier] hierarchy level:

[edit shared sae user-classifier]
user@host> show
rule rule-2 {
 target <-retailerDn->??sub?(uniqueID=<-userName->);
  condition {
    loginType == "SYNC";
  }
}
rule rule-3 {
  target <-unauthenticatedUserDn->;
  condition {
    loginType == "TOKEN";
    loginType == "PUBLIC";
  }
}
rule rule-4 {
  target <-retailerDn->??sub?(uniqueID=<-userName->);
  condition {
    retailerDn != "";
    & userName != "";
  }
}
[edit shared sae user-classifier]
user@host# set rule new target "[<-unauthenticatedUserDn->]"       
[edit shared sae user-classifier]
user@host# set rule new condition "loginType=="AuthADDR"" 
[edit shared sae user-classifier]
user@host# insert rule new before rule-2 
[edit shared sae user-classifier]
user@host# show 
rule new {
  target "[<-unauthenticatedUserDn->]";
  condition {
    loginType==AuthADDR;
  }
}
rule rule-2 {
  target <-retailerDn->??sub?(uniqueID=<-userName->);
  condition {
    loginType == "SYNC";
  }
}
rule rule-3 {
  target <-unauthenticatedUserDn->;
  condition {
    loginType == "TOKEN";
    loginType == "PUBLIC";
  }
}
rule rule-4 {
  target <-retailerDn->??sub?(uniqueID=<-userName->);
  condition {
    retailerDn != "";
    & userName != "";
  }
}

Related Documentation