Configuring An Ethernet Frame Header Acl - HP A5120 EI Series Configuration Manual
Acl and qos
Hide thumbs
Also See for A5120 EI Series:
- Command reference manual (225 pages) ,
- Configuration manual (197 pages) ,
- Installation manual (91 pages)
Table of Contents
Advertisement
To do...
Enter system view
Create an IPv6 advanced ACL
and enter its view
Configure a description for
the IPv6 advanced ACL
Set the rule numbering step
Create or edit a rule
Configure or edit a rule
description
Enable counting ACL rule
matches performed in
hardware
Configuring an Ethernet frame header ACL
Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol
header fields, such as source MAC address, destination MAC address, 802.1p priority (VLAN priority),
and link layer protocol type.
Use the command...
system-view
acl ipv6 number acl6-number [ name
acl6-name ] [ match-order { auto |
config } ]
description text
step step-value
rule [ rule-id ] { deny | permit } protocol
[ { { ack ack-value | fin fin-value | psh
psh-value | rst rst-value | syn syn-value
| urg urg-value } * | established } |
counting | destination { dest dest-prefix
| dest/dest-prefix | any } | destination-
port operator port1 [ port2 ] | dscp
dscp | flow-label flow-label-value |
fragment | icmp6-type { icmp6-type
icmp6-code | icmp6-message } |
logging | source { source source-prefix
| source/source-prefix | any } | source-
port operator port1 [ port2 ] | time-
range time-range-name ] *
rule rule-id comment text
hardware-count enable
8
Remarks
––
Required
By default, no ACL exists.
IPv6 advanced ACLs are
numbered in the range 3000 to
3999.
You can use the acl ipv6 name
acl6-name command to enter
the view of a named IPv6 ACL.
Optional
By default, an IPv6 advanced
ACL has no ACL description.
Optional
5 by default.
Required
By default IPv6 advanced ACL
does not contain any rule.
To create or edit multiple rules,
repeat this step.
If the ACL is for packet filtering,
the operator argument cannot
be neq.
If the ACL is for QoS traffic
classification, do not specify the
fragment keyword or specify
neq for the operator argument.
The keywords can cause ACL
application failure.
The logging and counting
keywords (even if specified) do
not take effect for QoS.
Optional
By default, an IPv6 advanced
ACL rule has no rule
description.
Optional
Disabled by default.
When the ACL is referenced by
a QoS policy, this command
does not take effect.
Advertisement
Table of Contents
