Table of Contents
Advertisement
Default
No IPv6 basic ACL rules exist.
Views
IPv6 basic ACL view
Predefined user roles
network-admin
Parameters
rule-id
: Specifies a rule ID in the range of 0 to 65534. If you do not specify a rule ID when creating
an ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple
of the numbering step to the current highest rule ID, starting from the start rule ID. For example, if the
rule numbering step is 5 and the current highest rule ID is 28, the rule is numbered 30.
: Denies matching packets.
deny
: Allows matching packets to pass.
permit
counting
: Enables rule match counting in software. If you do not specify this keyword, matches for
the rule are not counted in software.
: Applies the rule only to fragments. If you do not specify this keyword, the rule applies to
fragment
both fragments and non-fragments.
: Logs the number of matching packets. This feature is available only when the application
logging
module (for example, packet filtering) that uses the ACL supports the logging feature.
routing [ type routing-type ]
or all types of IPv6 routing headers. The
routing header type, in the range of 0 to 255. If you do not specify the
the rule applies to all types of IPv6 routing headers.
source { source-address source-prefix | source-address
: Matches a source IPv6 address. The
any }
address. The
The
keyword represents any IPv6 source address.
any
time-range time-range-name
argument is a case-insensitive string of 1 to 32 characters. It must start with an English letter. If the
time range is not configured, the system creates the rule. However, the rule using the time range can
take effect only after you configure the time range. For more information about time range, see ACL
and QoS Configuration Guide.
vpn-instance vpn-instance-name
vpn-instance-name
to filter packets, if you do not specify a VPN instance, the rule applies to both non-VPN packets and
VPN packets. For an ACL used by other features, if you do not specify a VPN instance, the
implementation varies by feature. For more information, see the configuration guide of the feature.
Usage guidelines
The
fragment
The
type routing-type
Within an ACL, the permit or deny statement of each rule must be unique. If the rule you are creating
or editing has the same deny or permit statement as another rule in the ACL, the rule will not be
created or changed.
You can edit ACL rules only when the match order is
argument specifies an address prefix length in the range of 1 to 128.
source-prefix
argument is a case-sensitive string of 1 to 31 characters. For an ACL used
keyword is not supported for a QoS policy or a packet filter.
option is not supported for the
: Applies the rule to the specified type of IPv6 routing header
routing-type
source-address
: Specifies a time range for the rule. The
: Applies the rule to an MPLS L3VPN instance. The
config
32
argument specifies the value of the IPv6
type routing-type
/
source-prefix |
argument specifies a source IPv6
time-range-name
keyword.
routing
.
option,
Advertisement
Chapters
Table of Contents
