Huawei Quidway S9300 Configuration Manual page 168

Terabit routing switch v100r001c03

Hide thumbs Also See for Quidway S9300:

Configuration manual - network management (630 pages)

Configuration manual (603 pages)

Configuration manual - multicast (262 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

page of 178

/ 178
Contents
Table of Contents
Bookmarks

Table of Contents

8 ACL Configuration

# Configure the URPF mode on the interface.

[Quidway] interface gigabitethernet 1/0/1

[Quidway-GigabitEthernet1/0/1] urpf strict

[Quidway-GigabitEthernet1/0/1] quit

[Quidway] interface gigabitethernet 2/0/1

[Quidway-GigabitEthernet2/0/1] urpf strict

[Quidway-GigabitEthernet2/0/1] quit

Step 2 Configure the traffic classifier that is based on the ACL rules.

# Define the ACL rules.

[Quidway] acl 2000

[Quidway-acl-basic-2000] rule permit source 10.0.0.2 0.0.0.255

[Quidway-acl-basic-2000] quit

# Configure the traffic classifier and define the ACL rules.

[Quidway] traffic classifier tc1

[Quidway-classifier-tc1] if-match acl 2000

[Quidway-classifier-tc1] quit

Step 3 Configure the traffic behavior.

# Define the traffic behavior and disable the URPF function in the traffic behavior view.

[Quidway] traffic behavior tb1

[Quidway-behavior-tb1] ip uprf disable

[Quidway-behavior-tb1] quit

Step 4 Configure the traffic policy.

# Define the traffic policy and associate the traffic classifier and traffic behavior with the traffic

policy.

[Quidway] traffic policy tp1

[Quidway-trafficpolicy-tp1] classifier tc1 behavior tb1

[Quidway-trafficpolicy-tp1] quit

# Apply the traffic policy to GE 1/0/1.

[Quidway] interface gigabitethernet 1/0/1

[Quidway-GigabitEthernet1/0/1] traffic-policy tp1 inbound

[Quidway-GigabitEthernet1/0/1] quit

Step 5 Verify the configuration.

# Check the configuration of the ACL rules.

<Quidway> display acl 2000

Basic ACL 2000, 1 rule

Acl's step is 5

rule 5 permit source 10.0.0.0 0.0.0.255 (0 times matched)

# Check the configuration of the traffic classifier.

<Quidway> display traffic classifier user-defined

User Defined Classifier Information:

# Check the configuration of the traffic policy.

User Defined Traffic Policy Information:

Policy: tp1

8-14

Classifier: tc1

Precedence: 20

Operator: OR

Rule(s) : if-match acl 2000

display traffic policy user-defined tp1

Huawei Proprietary and Confidential

Quidway S9300 Terabit Routing Switch

Configuration Guide - Security

Issue 01 (2009-07-28)

Table of Contents

Huawei Quidway S9300 Configuration Manual page 168

Related Manuals for Huawei Quidway S9300

Related Products for Huawei Quidway S9300

Table of Contents