HP HSR6800 Command Reference Manual page 24

Acl and qos

Hide thumbs Also See for HSR6800:

Configuration manual (478 pages)

Installation manual (146 pages)

Troubleshooting manual (41 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

page of 170

/ 170
Contents
Table of Contents
Bookmarks

Table of Contents

Parameters

Function

destination

{ dest-address

Specifies a destination

dest-wildcard |

address

any }

Counts the number of times the

ACL rule has been matched.

counting

This option is disabled by

default.

precedence

Specifies an IP precedence

precedence

value

tos tos

Specifies a ToS preference

dscp dscp

Specifies a DSCP priority

logging

Logs matching packets

Specifies that the rule be

reflective

vpn-instance

Applies the rule to packets in a

vpn-instance-name

VPN instance

Applies the rule to only

fragment

non-first fragments

time-range

Specifies a time range for the

time-range-name

rule

NOTE:

If you provide the precedence or tos keyword in addition to the dscp keyword, only the dscp keyword

takes effect.

If the protocol argument takes tcp (6) or udp (7), set the parameters shown in

Description

The dest-address dest-wildcard arguments represent a

destination IP address and wildcard mask in dotted

decimal notation. An all-zero wildcard specifies a host

address.

The any keyword represents any destination IP address.

N/A

The precedence argument can be a number in the range

of 0 to 7, or in words, routine (0), priority (1),

immediate (2), flash (3), flash-override (4), critical (5),

internet (6), or network (7).

The tos argument can be a number in the range of 0 to

15, or in words, max-reliability (2), max-throughput

(4), min-delay (8), min-monetary-cost (1), or normal

(0).

The dscp argument can be a number in the range of 0 to

63, or in words, af11 (10), af12 (12), af13 (14), af21

(18), af22 (20), af23 (22), af31 (26), af32 (28), af33

(30), af41 (34), af42 (36), af43 (38), cs1 (8), cs2 (16),

cs3 (24), cs4 (32), cs5 (40), cs6 (48), cs7 (56), default

(0), or ef (46).

This function requires that the module (for example, a

firewall) that uses the ACL supports logging.

A rule with the reflective keyword can be defined only

for TCP, UDP, or ICMP packets and can only be a permit

statement.

The vpn-instance-name argument takes a case-sensitive

string of 1 to 31 characters.

If no VPN instance is specified, the rule applies only to

non-VPN packets.

Without this keyword, the rule applies to all fragments

and non-fragments.

The time-range-name argument takes a case-insensitive

string of 1 to 32 characters. It must start with an English

letter. If the time range is not configured, the system

creates the rule. However, the rule using the time range

can take effect only after you configure the timer range.

Table

Table of Contents

HP HSR6800 Command Reference Manual page 24

Related Manuals for HP HSR6800

Related Products for HP HSR6800

Table of Contents