1. Manuals
  2. Brands
  3. HPE Manuals
  4. Switch
  5. 3100 v2 Series
  6. Configuration manual

Configuring An Ipv6 Advanced Acl - HPE 3100 v2 Series Configuration Manual

Acl and qos
Hide thumbs Also See for 3100 v2 Series:
Table of Contents

Advertisement

Step
5.
Create or edit a
rule.
6.
Add or edit a
rule comment.
7.
Add or edit a
rule range
remark.
8.
Enable counting
ACL rule
matches
performed in
hardware.

Configuring an IPv6 advanced ACL

IPv6 advanced ACLs match packets based on the source IPv6 addresses, destination IPv6
addresses, packet priorities, protocols carried over IPv6, and other protocol header fields such as
the TCP/UDP source port number, TCP/UDP destination port number, ICMPv6 message type, and
ICMPv6 message code.
Compared to IPv6 basic ACLs, IPv6 advanced ACLs allow more flexible and accurate filtering.
Configuration restrictions and guidelines
When the protocol argument takes 43, 44, 51, or 60, the ACL cannot function on for the outbound
QoS application.
Configuration procedure
To configure an IPv6 advanced ACL:
Step
1.
Enter system
view.
Command
rule [ rule-id ] { deny | permit }
protocol [ { { ack ack-value | fin
fin-value | psh psh-value | rst
rst-value | syn syn-value | urg
urg-value } * | established } |
counting | destination
{ dest-addr dest-wildcard |
any } | destination-port
operator port1 [ port2 ] | dscp
dscp | fragment | icmp-type
{ icmp-type [ icmp-code ] |
icmp-message } | logging |
precedence precedence |
source { sour-addr
sour-wildcard | any } |
source-port operator port1
[ port2 ] | time-range
time-range-name | tos tos ] *
rule rule-id comment text
rule [ rule-id ] remark text
hardware-count enable
Command
system-view
Remarks
By default, an IPv4 advanced ACL does not
contain any rule.
If an IPv4 advanced ACL is for QoS traffic
classification or packet filtering:
Do not specifyneq for the operator
argument.
Do not specify the fragment keyword.
The counting and logging keywords take effect
only for an ACL used for packet filtering. Do not
specify the two keywords for an ACL used for
other purposes.
Optional.
By default, no rule comments are configured.
Optional.
By default, no rule range remarks are configured.
Optional.
Disabled by default.
This command is available only on the HPE 3100
v2 EI switches.
This command takes effect only for an ACL used
for packet filtering. Do not configure this
command for an ACL used for other purposes.
Remarks
N/A
7

Advertisement

Table of Contents
loading

Related Manuals for HPE 3100 v2 Series

Related Content for HPE 3100 v2 Series

Table of Contents