Table of Contents
Advertisement
Command Manual – QoS/ACL
Quidway S8500 Series Routing Switches
auto: In depth-first order during matching ACL rules.
all: Deletes all ACLs (both number- and name-identified ones).
Description
Use the acl command to define a number- or name-identified ACL and enter its view.
Use the undo acl command to delete all rules of an ACL or all ACLs.
By default, the system matches ACL rules in configuration order.
Using the acl command, you can create an ACL named "acl-name". And the type of this
ACL is decided by keywords: "advanced", "basic" or "link". After entering a
corresponding ACL view, no matter the ACL is identified by a number or a name, you
can use the rule command to create rules of this named ACL (you can exit ACL view by
using the quit command).
You can select the match-order keyword to specify whether to match ACL rules in
configuration order or depth-first order (matching the rules with smaller range first). By
default, the former mode is selected. You cannot modify the matching order once you
specify it. To do so, you have to delete all rules of the ACL and specify a matching order
for it again.
Note:
The user-defined ACL matching order takes effect only when multiple rules of one ACL
are applied at the same time. For example, an ACL has two rules. If the two rules are
not applied simultaneously, even if you configure the matching order to be depth first,
the switch still matches them according to their application order.
If one rule is a subset of another rule in an ACL, it is recommended to apply the rules
according to the range of the specified packets. The rule with the smallest range of the
specified data packets is applied first, and then other rules are applied based on this
principle.
If one ACL is used, you cannot use the undo acl all command to delete any ACL.
If a certain advanced ACL has been occupied by IDS, the user cannot modify or delete
it any more through commands.
Related command: rule.
Example
# Specify depth first order as the match order of number 2000 ACL.
<Quidway> system-view
System View: return to User View with Ctrl+Z.
[Quidway] acl number 2000 match-order auto
Huawei Technologies Proprietary
1-2
Chapter 1 ACL Commands
Advertisement
Chapters
Table of Contents
