Download Print this page

HP A8800 Series Command Reference Manual page 35

Acl and qos

Hide thumbs Also See for A8800 Series:

Configuration manual (487 pages)

,

Installation manual (121 pages)

,

Fundamentals command reference (193 pages)

Table Of Contents

page of 153

/ 153
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Parameters

dscp dscp

flow-label

flow-label-value

logging

routing [ type

routing-type ]

fragment

time-range

time-range-name

vpn-instance

vpn-instance-name

If the protocol argument takes tcp (6) or udp (17), you can set the parameters shown in

Function

Specifies a DSCP preference

Specifies a flow label value in

an IPv6 packet header

Logs matching packets

Specifies the type of routing

header

Applies the rule to only

fragments

Specifies a time range for the

rule

Applies the rule to packets in a

VPN instance

29

Description

The dscp argument can be a number in the

range of 0 to 63, or in words, af11 (10), af12

(12), af13 (14), af21 (18), af22 (20), af23

(22), af31 (26), af32 (28), af33 (30), af41

(34), af42 (36), af43 (38), cs1 (8), cs2 (16), cs3

(24), cs4 (32), cs5 (40), cs6 (48), cs7 (56),

default (0), or ef (46).

The flow-label-value argument is in the range of

0 to 1048575.

This function requires that the module using the

ACL supports logging.

If an ACL has been applied to both the packet

filtering firewall and policy-based routing

modules, do not add or modify a rule that has

the logging keyword in the ACL. Doing so can

cause rule application failure on both modules.

For more information about packet filtering

firewall, see Security Configuration Guide. For

more information about policy-based routing,

see Layer 3—IP Routing Configuration Guide.

Use the logging keyword together with the rule

match counting function. To enable this

function, you can either execute the

hardware-count enable command in the ACL or

specify the counting keyword in the ACL rule

with logging specified.

The routing-type argument takes a value in the

range of 0 to 255.

If no routing type header is specified, the rule

applies to the IPv6 packets that have any type of

routing header.

The parameter is not supported in the current

software version. The parameter is reserved for

future support.

Without this keyword, the rule applies to all

fragments and non-fragments.

The time-range-name argument takes a

case-insensitive string of 1 to 32 characters. It

must start with an English letter. If the time range

is not configured, the system creates the rule.

However, the rule using the time range can take

effect only after you configure the timer range.

The vpn-instance-name argument takes a

case-sensitive string of 1 to 31 characters.

If no VPN instance is specified, the rule applies

to non-VPN packets.

Table

13.

Table of Contents

Advertisement

Table of Contents

Related Products for HP A8800 Series