Re-Marking; Viewing Acl Statistics; Acl Configuration Examples; Configure Access Control Lists (Cli Example) - HP GbE2c - Blc Layer 2/3 Fiber SFP Option Application Manual

Ethernet blade switch for c-class bladesystem

Hide thumbs Also See for GbE2c - Blc Layer 2/3 Fiber SFP Option:

Interface manual (209 pages)

Command reference manual (175 pages)

Cli reference manual (153 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

Table of Contents

Using meters, you set a Committed Rate in Kb/s (1024 bits per second in each Kb/s). All traffic within this Committed

Rate is In-Profile. Additionally, you set a Maximum Burst Size that specifies an allowed data burst larger than the

Committed Rate for a brief period. These parameters define the In-Profile traffic.

Meters keep the sorted packets within certain parameters. You can configure a meter on an ACL, and perform actions

on metered traffic, such as packet re-marking.

Re-marking

Re-marking allows for the treatment of packets to be reset based on new network specifications or desired levels of

service. You can configure the ACL to re-mark a packet as follows:

Change the DSCP value of a packet, used to specify the service level traffic should receive.

Change the 802.1p priority of a packet.

Viewing ACL statistics

ACL statistics display how many packets hit (matched) each ACL. Up to 64 statistic counters can be displayed for

each ACL Precedence Group. Use ACL statistics to check filter performance, and debug the ACL filters.

You must enable statistics (cfg/acl/acl x/stats ena) for each ACL that you want to monitor.

ACL configuration examples

Configure Access Control Lists (CLI example)

The following configuration examples illustrate how to use Access Control Lists (ACLs) to block traffic. These basic

configurations illustrate common principles of ACL filtering.

NOTE:

Each ACL filters traffic that ingresses on the port to which the ACL is added. The egrport classifier

filters traffic that ingresses the port to which the ACL is added, and then egresses the port specified by

egrport. In most common configurations, egrport is not used.

Example 1: Use this configuration to block traffic to a specific host.

>> Main# /cfg/acl/acl 255

>> ACL 255# ipv4/dip 100.10.1.116 255.255.255.255

>> Filtering IPv4# ..

>> ACL 255# action deny

>> ACL 255# /cfg/port 20/aclqos

>> Port 20 ACL# add acl 255

>> Port 20 ACL# apply

>> Port 20 ACL# save

In this example, all traffic that ingresses on port 20 is denied if it is destined for the host at

IP address 100.10.1.116.

Example 2: Use this configuration to block traffic from a network destined for a specific host address.

>> Main# /cfg/acl/acl 256

>> ACL 256# ipv4/sip 100.10.1.0 255.255.255.0

>> ACL 256# ipv4/dip 200.20.1.116 255.255.255.255

>> Filtering IPv4# ..

>> ACL 256# action deny

>> ACL 256# /cfg/port 20/aclqos

>> Port 20 ACL# add acl 256

>> Port 20 ACL# apply

>> Port 20 ACL# save

(Define ACL 255)

(Add ACL to port 20)

(Define ACL 256)

(Add ACL to port 20)

Quality of Service 75

Table of Contents

Troubleshooting

This manual is also suitable for:

Gbe2c Xw460c - proliant - blade workstation

Re-Marking; Viewing Acl Statistics; Acl Configuration Examples; Configure Access Control Lists (Cli Example) - HP GbE2c - Blc Layer 2/3 Fiber SFP Option Application Manual

Re-marking

Viewing ACL statistics

ACL configuration examples

Configure Access Control Lists (CLI example)

Troubleshooting

Related Manuals for HP GbE2c - Blc Layer 2/3 Fiber SFP Option

Related Content for HP GbE2c - Blc Layer 2/3 Fiber SFP Option

This manual is also suitable for:

Table of Contents