C H A P T E R 33 Configuring Ipv4 And Ipv6 Access Control Lists; Ipv4-Acl And Ipv6-Acl Configuration Guidelines; About Filter Contents; Protocol Information - HP Cisco MDS 9020 - Fabric Switch Configuration Manual

Cisco mds 9000 family cli configuration guide, release 3.x (ol-16184-01, april 2008)

Hide thumbs Also See for Cisco MDS 9020 - Fabric Switch:

Service manual (242 pages)

Configuration manual (1384 pages)

Handbook (141 pages)

Table of Contents

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m

IPv4-ACL and IPv6-ACL Configuration Guidelines

Follow these guidelines when configuring IPv4-ACLs or IPv6-ACLs in any switch or director in the

Cisco MDS 9000 Family:

An IP filter contains rules for matching an IP packet based on the protocol, address, port, ICMP type,

and type of service (TOS).

This section includes the following topics:

The protocol information is required in each filter. It identifies the name or number of an IP protocol.

You can specify the IP protocol in one of two ways:

Cisco MDS 9000 Family CLI Configuration Guide

You can apply IPv4-ACLs or IPv6-ACLs to VSAN interfaces, the management interface, Gigabit

Ethernet interfaces on IPS modules and MPS-14/2 modules, and Ethernet PortChannel interfaces.

If IPv4-ACLs or IPv6-ACLs are already configured in a Gigabit Ethernet interface, you cannot

add this interface to an Ethernet PortChannel group. See the

Guidelines" section on page 45-7

Do not apply IPv4-ACLs or IPv6-ACLs to only one member of a PortChannel group. Apply

IPv4-ACLs or IPv6-ACLs to the entire channel group.

Configure the order of conditions accurately. As the IPv4-ACL or the IPv6-ACL filters are

sequentially applied to the IP flows, only the first match determines the action taken. Subsequent

matches are not considered. Be sure to configure the most important condition first. If no conditions

match, the software drops the packet.

Protocol Information, page 33-2

Address Information, page 33-3

Port Information, page 33-3

ICMP Information, page 33-4

TOS Information, page 33-4

Specify an integer ranging from 0 to 255. This number represents the IP protocol.

Specify the name of a protocol including, but not restricted to, Internet Protocol (IP), Transmission

Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol

When configuring IPv4-ACLs or IPv6-ACLs on Gigabit Ethernet interfaces, only use the TCP

or ICMP options.

Configuring IPv4 and IPv6 Access Control Lists

for guidelines on configuring IPv4-ACLs.

OL-16184-01, Cisco MDS SAN-OS Release 3.x

"Gigabit Ethernet IPv4-ACL

Chapters

Table of Contents

Troubleshooting

C H A P T E R 33 Configuring Ipv4 And Ipv6 Access Control Lists; Ipv4-Acl And Ipv6-Acl Configuration Guidelines; About Filter Contents; Protocol Information - HP Cisco MDS 9020 - Fabric Switch Configuration Manual

IPv4-ACL and IPv6-ACL Configuration Guidelines

About Filter Contents

Protocol Information

Chapters

Troubleshooting

Related Manuals for HP Cisco MDS 9020 - Fabric Switch

Related Content for HP Cisco MDS 9020 - Fabric Switch

This manual is also suitable for:

Table of Contents