Configuring an IPv6 advanced ACL
IPv6 advanced ACLs match packets based on the following criteria:
•
Source IPv6 addresses.
Destination IPv6 addresses.
•
Packet priorities.
•
Protocol numbers.
•
Other protocol header fields such as the TCP/UDP source port number, TCP/UDP destination port
•
number, ICMPv6 message type, and ICMPv6 message code.
Compared to IPv6 basic ACLs, IPv6 advanced ACLs allow more flexible and accurate filtering.
To configure an IPv6 advanced ACL:
Step
1.
Enter system
view.
2.
Create an IPv6
advanced ACL
and enter its
view.
3.
(Optional.)
Configure a
description for
the IPv6
advanced ACL.
4.
(Optional.) Set
the rule
numbering step.
Command
system-view
acl ipv6 number acl-number
[ name acl-name ]
[ match-order { auto |
config } ]
description text
step step-value
7
Remarks
N/A
By default, no ACL exists.
IPv6 advanced ACLs are numbered in the range of
3000 to 3999.
You can use the acl ipv6 name acl-name command
to enter the view of a named ACL.
By default, an IPv6 advanced ACL has no ACL
description.
The default setting is 5.