Huawei quidway s3526 series Getting Started page 417

Command Manual - QoS/ACL
Quidway S3500 Series Ethernet Switches
name acl-name: Specifies an access list with a character string, beginning with English
letters [a-z, A-Z] only, excluding space and quotation marks, and not case sensitive.
The all and any keywords are not allowed.
advanced: Advanced ACL..
basic: Basic ACL..
link: L2 ACL..
user: User-defined ACL..
config: Follow the user configuration order to match ACL rules.
auto: Follow the depth-first order to match ACL rules.
all: Configures to delete all the ACLs (including numbered and named ACLs).
Description
Using acl command, you can configure a numbered or named ACL, and enter the
corresponding ACL view. Using undo acl command, you can cancel all the rules of a
numbered or named ACL or all the ACLs.
By default, the ACLs are matched in config order.
You can use the acl command to create an ACL and specify its name with "acl-name"
and its type with the keywords "advanced", "basic", "link", or "user". For both
numbered and named ACL, you can use the rule command to add rules for them after
entering ACL view. (Use the quit command to exit ACL view.) An ACL may contain
multiple rules and the traffic classification rules concern different ranges, which brings
forward the issue of match order when a data packet matches more than one rule.
Using the match-order parameter, you can configure to follow the user configuration
order (as defaulted) or depth-first order (matching the rule with smaller range first) to
match the rules. After specified the match order of an ACL, you cannot change it,
unless delete all its rules and specify the order again. Note that, the match order of ACL
can only be effective in the case ACL is cited by software to filter and classify data.
Due the chips installed, the hardware match order of ACL's sub-rule is different in
different switch models. The details are listed in the following table.
Table 1-7 Hardware match order of ACL's sub-rule
S3526E and S3526C
For related configurations, refer to the command rule.
Example
# Configure to follow depth-first order to match the rules of ACL 2000.
Switch
An ACL is configured with multiple sub-rules. The latest
sub-rule will be matched first.
Huawei Technologies Proprietary
Hardware match order of ACL's sub-rule
1-15
Chapter 1 ACL Commands