Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Inserting a New Identifier

    You can enter most statements and identifiers in any order. Regardless of the order in which you enter the configuration statements, the CLI always displays the configuration in a strict order. However, in a few cases the ordering of the statements matters because the configuration statements create a sequence that is analyzed in order.

    For example, rules for interface, subscriber, and DHCP classification scripts are evaluated in the order in which they appear in the configuration. If you add a rule that you want to be evaluated before an existing rule, you need to modify the ordering of the rules. To modify a portion of the configuration in which the statement order matters:

    • Use the insert configuration mode command:
      user@host# insert < statement-path > identifier1 (before | after) identifier2

    If you do not use the insert command, but instead simply configure the identifier, it is placed at the end of the list of similar identifiers.

    You use the insert command to reorder identifiers that you have already configured.

    Examples: Inserting a New Identifier

    Add a new subscriber classification rule and insert it before existing rules at the [edit shared sae user-classifier] hierarchy level:

    [edit shared sae user-classifier]
    user@host> show
    rule rule-2 {
     target <-retailerDn->??sub?(uniqueID=<-userName->);
      condition {
        loginType == "SYNC";
      }
    }
    rule rule-3 {
      target <-unauthenticatedUserDn->;
      condition {
        loginType == "TOKEN";
        loginType == "PUBLIC";
      }
    }
    rule rule-4 {
      target <-retailerDn->??sub?(uniqueID=<-userName->);
      condition {
        retailerDn != "";
        & userName != "";
      }
    }
    [edit shared sae user-classifier]
    user@host# set rule new target "[<-unauthenticatedUserDn->]"       
    [edit shared sae user-classifier]
    user@host# set rule new condition "loginType=="AuthADDR"" 
    [edit shared sae user-classifier]
    user@host# insert rule new before rule-2 
    [edit shared sae user-classifier]
    user@host# show 
    rule new {
      target "[<-unauthenticatedUserDn->]";
      condition {
        loginType==AuthADDR;
      }
    }
    rule rule-2 {
      target <-retailerDn->??sub?(uniqueID=<-userName->);
      condition {
        loginType == "SYNC";
      }
    }
    rule rule-3 {
      target <-unauthenticatedUserDn->;
      condition {
        loginType == "TOKEN";
        loginType == "PUBLIC";
      }
    }
    rule rule-4 {
      target <-retailerDn->??sub?(uniqueID=<-userName->);
      condition {
        retailerDn != "";
        & userName != "";
      }
    }

    Modified: 2014-06-10